Re: [RFC v4 03/17] x86: key creation with PKEY_DISABLE_EXECUTE disallowed

From: Balbir Singh
Date: Tue Jun 27 2017 - 07:33:20 EST

Next message: Balbir Singh: "Re: [RFC v4 02/17] mm: ability to disable execute permission on a key at creation"
Previous message: Frans Klaver: "Re: [PATCH V2] lightnvm: if LUNs are already allocated fix return"
In reply to: Ram Pai: "[RFC v4 03/17] x86: key creation with PKEY_DISABLE_EXECUTE disallowed"
Next in thread: Ram Pai: "[RFC v4 11/17] powerpc: Handle exceptions caused by pkey violation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2017-06-27 at 03:11 -0700, Ram Pai wrote:
> x86 does not support disabling execute permissions on a pkey.
>
> Signed-off-by: Ram Pai <linuxram@xxxxxxxxxx>
> ---
> arch/x86/kernel/fpu/xstate.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
> index c24ac1e..d582631 100644
> --- a/arch/x86/kernel/fpu/xstate.c
> +++ b/arch/x86/kernel/fpu/xstate.c
> @@ -900,6 +900,9 @@ int arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
> if (!boot_cpu_has(X86_FEATURE_OSPKE))
> return -EINVAL;
>
> + if (init_val & PKEY_DISABLE_EXECUTE)
> + return -EINVAL;
> +
> /* Set the bits we need in PKRU: */
> if (init_val & PKEY_DISABLE_ACCESS)
> new_pkru_bits |= PKRU_AD_BIT;

I am not an x86 expert. IIUC, execute disable is done via allocating an
execute_only_pkey and checking vma_key via AD + vma_flags against VM_EXEC.

Your patch looks good to me

Acked-by: Balbir Singh <bsingharora@xxxxxxxxx>

Balbir Singh.

Next message: Balbir Singh: "Re: [RFC v4 02/17] mm: ability to disable execute permission on a key at creation"
Previous message: Frans Klaver: "Re: [PATCH V2] lightnvm: if LUNs are already allocated fix return"
In reply to: Ram Pai: "[RFC v4 03/17] x86: key creation with PKEY_DISABLE_EXECUTE disallowed"
Next in thread: Ram Pai: "[RFC v4 11/17] powerpc: Handle exceptions caused by pkey violation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]