Re: [PATCH 2/3] powerpc/book3e: Fix set_memory_x() and set_memory_nx()

From: Christophe Leroy
Date: Wed Oct 27 2021 - 00:55:37 EST

Next message: Alexandre Ghiti: "[PATCH 1/2] riscv: Fix asan-stack clang build"
Previous message: Bjorn Andersson: "Re: [PATCH v2 1/3] dt-bindings: usb: qcom,dwc3: Add multi-pd bindings for dwc3 qcom"
In reply to: Nicholas Piggin: "Re: [PATCH 2/3] powerpc/book3e: Fix set_memory_x() and set_memory_nx()"
Next in thread: Nicholas Piggin: "Re: [PATCH 2/3] powerpc/book3e: Fix set_memory_x() and set_memory_nx()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Le 27/10/2021 à 06:44, Nicholas Piggin a écrit :

Excerpts from Christophe Leroy's message of October 26, 2021 3:39 pm:

set_memory_x() calls pte_mkexec() which sets _PAGE_EXEC.
set_memory_nx() calls pte_exprotec() which clears _PAGE_EXEC.

Book3e has 2 bits, UX and SX, which defines the exec rights
resp. for user (PR=1) and for kernel (PR=0).

_PAGE_EXEC is defined as UX only.

An executable kernel page is set with either _PAGE_KERNEL_RWX
or _PAGE_KERNEL_ROX, which both have SX set and UX cleared.

So set_memory_nx() call for an executable kernel page does
nothing because UX is already cleared.

And set_memory_x() on a non-executable kernel page makes it
executable for the user and keeps it non-executable for kernel.

Also, pte_exec() always returns 'false' on kernel pages, because
it checks _PAGE_EXEC which doesn't include SX, so for instance
the W+X check doesn't work.

To fix this:
- change tlb_low_64e.S to use _PAGE_BAP_UX instead of _PAGE_USER
- sets both UX and SX in _PAGE_EXEC so that pte_user() returns
true whenever one of the two bits is set

I don't understand this change. Which pte_user() returns true after
this change? Or do you mean pte_exec()?

Oops, yes, I mean pte_exec()

Unless I have to re-spin, can Michael eventually fix that typo while applying ?

Does this filter through in some cases at least for kernel executable
PTEs will get both bits set? Seems cleaner to distinguish user and
kernel exec for that but maybe it's a lot of churn?

Didn't understand what you mean.

I did it like that to be able to continue using _PAGE_EXEC for checking executability regardless of whether this is user or kernel, and then continue using the generic nohash pte_exec() helper.

Other solution would be to get rid of _PAGE_EXEC completely for book3e and implement both pte_exec() and pte_mkexec() with _PAGE_BAP_UX and _PAGE_BAP_SX, but I'm not sure it is worth the churn as you say. It would also mean different helpers for book3s/32 when it is using 32 bits PTE (CONFIG_PTE_64BIT=n)

Christophe

Thanks,
Nick

and pte_exprotect()
clears both bits.
- Define a book3e specific version of pte_mkexec() which sets
either SX or UX based on UR.

Fixes: 1f9ad21c3b38 ("powerpc/mm: Implement set_memory() routines")
Signed-off-by: Christophe Leroy <christophe.leroy@xxxxxxxxxx>
---
v3: Removed pte_mkexec() from nohash/64/pgtable.h
v2: New
---

Next message: Alexandre Ghiti: "[PATCH 1/2] riscv: Fix asan-stack clang build"
Previous message: Bjorn Andersson: "Re: [PATCH v2 1/3] dt-bindings: usb: qcom,dwc3: Add multi-pd bindings for dwc3 qcom"
In reply to: Nicholas Piggin: "Re: [PATCH 2/3] powerpc/book3e: Fix set_memory_x() and set_memory_nx()"
Next in thread: Nicholas Piggin: "Re: [PATCH 2/3] powerpc/book3e: Fix set_memory_x() and set_memory_nx()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]