diff options
author | Christophe Leroy <christophe.leroy@c-s.fr> | 2020-01-24 11:54:45 +0000 |
---|---|---|
committer | Michael Ellerman <mpe@ellerman.id.au> | 2020-01-28 23:14:44 +1100 |
commit | 3d7dfd632f9b60cfce069b4da517e6b1a1c3f613 (patch) | |
tree | 02ec1e93d286d7c49dce90a4294f8ddc1edb3af4 /arch/powerpc/include/asm/book3s/32 | |
parent | 5cd623333e7cf4e3a334c70529268b65f2a6c2c7 (diff) |
powerpc: Implement user_access_save() and user_access_restore()
Implement user_access_save() and user_access_restore()
On 8xx and radix:
- On save, get the value of the associated special register then
prevent user access.
- On restore, set back the saved value to the associated special
register.
On book3s/32:
- On save, get the value stored in current->thread.kuap and prevent
user access.
- On restore, regenerate address range from the stored value and
reopen read/write access for that range.
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/54f2f74938006b33c55a416674807b42ef222068.1579866752.git.christophe.leroy@c-s.fr
Diffstat (limited to 'arch/powerpc/include/asm/book3s/32')
-rw-r--r-- | arch/powerpc/include/asm/book3s/32/kup.h | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/arch/powerpc/include/asm/book3s/32/kup.h b/arch/powerpc/include/asm/book3s/32/kup.h index 17e069291c72..3c0ba22dc360 100644 --- a/arch/powerpc/include/asm/book3s/32/kup.h +++ b/arch/powerpc/include/asm/book3s/32/kup.h @@ -153,6 +153,29 @@ static __always_inline void prevent_user_access(void __user *to, const void __us kuap_update_sr(mfsrin(addr) | SR_KS, addr, end); /* set Ks */ } +static inline unsigned long prevent_user_access_return(void) +{ + unsigned long flags = current->thread.kuap; + unsigned long addr = flags & 0xf0000000; + unsigned long end = flags << 28; + void __user *to = (__force void __user *)addr; + + if (flags) + prevent_user_access(to, to, end - addr, KUAP_READ_WRITE); + + return flags; +} + +static inline void restore_user_access(unsigned long flags) +{ + unsigned long addr = flags & 0xf0000000; + unsigned long end = flags << 28; + void __user *to = (__force void __user *)addr; + + if (flags) + allow_user_access(to, to, end - addr, KUAP_READ_WRITE); +} + static inline bool bad_kuap_fault(struct pt_regs *regs, unsigned long address, bool is_write) { |