Re: [RFC v6 27/62] powerpc: helper to validate key-access permissions of a pte
From: Ram Pai
Date: Sat Jul 29 2017 - 20:39:55 EST
On Fri, Jul 28, 2017 at 06:00:02PM -0300, Thiago Jung Bauermann wrote:
>
> Ram Pai <linuxram@xxxxxxxxxx> writes:
> > --- a/arch/powerpc/mm/pkeys.c
> > +++ b/arch/powerpc/mm/pkeys.c
> > @@ -201,3 +201,36 @@ int __arch_override_mprotect_pkey(struct vm_area_struct *vma, int prot,
> > */
> > return vma_pkey(vma);
> > }
> > +
> > +static bool pkey_access_permitted(int pkey, bool write, bool execute)
> > +{
> > + int pkey_shift;
> > + u64 amr;
> > +
> > + if (!pkey)
> > + return true;
> > +
> > + pkey_shift = pkeyshift(pkey);
> > + if (!(read_uamor() & (0x3UL << pkey_shift)))
> > + return true;
> > +
> > + if (execute && !(read_iamr() & (IAMR_EX_BIT << pkey_shift)))
> > + return true;
> > +
> > + if (!write) {
> > + amr = read_amr();
> > + if (!(amr & (AMR_RD_BIT << pkey_shift)))
> > + return true;
> > + }
> > +
> > + amr = read_amr(); /* delay reading amr uptil absolutely needed */
>
> Actually, this is causing amr to be read twice in case control enters
> the "if (!write)" block above but doesn't enter the other if block nested
> in it.
>
> read_amr should be called only once, right before "if (!write)".
the code can be simplified without having to read amr twice.
will fix it.
thanks,
RP
>
> --
> Thiago Jung Bauermann
> IBM Linux Technology Center
--
Ram Pai