diff options
author | Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com> | 2020-11-27 10:14:18 +0530 |
---|---|---|
committer | Michael Ellerman <mpe@ellerman.id.au> | 2020-12-04 01:01:26 +1100 |
commit | eb232b1624462752dc916d9015b31ecdac0a01f1 (patch) | |
tree | 441bc498a79aa7434ed9cfa3152f0f4e030f3f74 /arch/powerpc/include/asm/book3s/64 | |
parent | powerpc/book3s64/kuap: Restrict access to userspace based on userspace AMR (diff) | |
download | linux-dev-eb232b1624462752dc916d9015b31ecdac0a01f1.tar.xz linux-dev-eb232b1624462752dc916d9015b31ecdac0a01f1.zip |
powerpc/book3s64/kuap: Improve error reporting with KUAP
With hash translation use DSISR_KEYFAULT to identify a wrong access.
With Radix we look at the AMR value and type of fault.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20201127044424.40686-17-aneesh.kumar@linux.ibm.com
Diffstat (limited to 'arch/powerpc/include/asm/book3s/64')
-rw-r--r-- | arch/powerpc/include/asm/book3s/64/kup.h | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/arch/powerpc/include/asm/book3s/64/kup.h b/arch/powerpc/include/asm/book3s/64/kup.h index 4fa0760a47a4..f8f87b5c0e67 100644 --- a/arch/powerpc/include/asm/book3s/64/kup.h +++ b/arch/powerpc/include/asm/book3s/64/kup.h @@ -303,12 +303,29 @@ static inline void set_kuap(unsigned long value) isync(); } -static inline bool -bad_kuap_fault(struct pt_regs *regs, unsigned long address, bool is_write) +#define RADIX_KUAP_BLOCK_READ UL(0x4000000000000000) +#define RADIX_KUAP_BLOCK_WRITE UL(0x8000000000000000) + +static inline bool bad_kuap_fault(struct pt_regs *regs, unsigned long address, + bool is_write, unsigned long error_code) { - return WARN(mmu_has_feature(MMU_FTR_BOOK3S_KUAP) && - (regs->kuap & (is_write ? AMR_KUAP_BLOCK_WRITE : AMR_KUAP_BLOCK_READ)), - "Bug: %s fault blocked by AMR!", is_write ? "Write" : "Read"); + if (!mmu_has_feature(MMU_FTR_BOOK3S_KUAP)) + return false; + + if (radix_enabled()) { + /* + * Will be a storage protection fault. + * Only check the details of AMR[0] + */ + return WARN((regs->kuap & (is_write ? RADIX_KUAP_BLOCK_WRITE : RADIX_KUAP_BLOCK_READ)), + "Bug: %s fault blocked by AMR!", is_write ? "Write" : "Read"); + } + /* + * We don't want to WARN here because userspace can setup + * keys such that a kernel access to user address can cause + * fault + */ + return !!(error_code & DSISR_KEYFAULT); } static __always_inline void allow_user_access(void __user *to, const void __user *from, |