/* SPDX-License-Identifier: GPL-2.0 */
#ifndef _ASM_POWERPC_BOOK3S_32_KUP_H
#define _ASM_POWERPC_BOOK3S_32_KUP_H

#include <asm/bug.h>
#include <asm/book3s/32/mmu-hash.h>

#ifdef __ASSEMBLY__

/*
 * kuep_update_sr - write a segment-register value to a run of consecutive
 * segments.
 *
 * gpr1: SR value for the first segment.
 * gpr2: address selecting the first segment.
 * CTR must already hold the number of segments to write.
 *
 * Each pass writes the SR, adds 0x111 to the value (next VSID), masks off
 * VSID overflow and advances the address by 0x10000000 (one 256MB segment).
 * gpr1, gpr2 and CTR are modified.
 *
 * NEVER pass r0 as gpr2: in addis an RA operand of r0 is read as the
 * constant 0 rather than the register contents, so the address would not
 * advance from one segment to the next.
 */
.macro kuep_update_sr	gpr1, gpr2		/* NEVER use r0 as gpr2 due to addis */
101:	mtsrin	\gpr1, \gpr2			/* write the SR selected by gpr2 */
	addi	\gpr1, \gpr1, 0x111		/* next VSID */
	rlwinm	\gpr1, \gpr1, 0, 0xf0ffffff	/* clear VSID overflow */
	addis	\gpr2, \gpr2, 0x1000		/* address of next segment */
	bdnz	101b				/* decrement CTR, loop while non-zero */
	isync					/* context sync after the mtsrin sequence */
.endm
/*
 * kuep_lock - set the Nx (no-execute) bit in the segment registers of the
 * user segments.
 *
 * Reads the SR for address 0, ORs in SR_NX and writes the result to
 * NUM_USER_SEGMENTS consecutive segments starting at address 0, stepping the
 * VSID for each one. Clobbers gpr1, gpr2 and CTR. gpr2 must not be r0
 * because it is handed to kuep_update_sr. Expands to nothing unless
 * CONFIG_PPC_KUEP is set.
 *
 * NOTE(review): the values for the later segments are derived from segment 0
 * by adding 0x111 per step, so this presumably relies on user VSIDs being
 * laid out that way when the context is loaded - confirm.
 * NOTE(review): Nx applies to any instruction fetch from the segment, so the
 * matching kuep_unlock presumably has to run before user code executes
 * again - confirm against the exit path.
 */
.macro kuep_lock	gpr1, gpr2
#ifdef CONFIG_PPC_KUEP
	li	\gpr1, NUM_USER_SEGMENTS
	li	\gpr2, 0			/* start at the segment holding address 0 */
	mtctr	\gpr1				/* loop count for kuep_update_sr */
	mfsrin	\gpr1, \gpr2			/* current SR value of the first segment */
	oris	\gpr1, \gpr1, SR_NX@h		/* set Nx */
	kuep_update_sr \gpr1, \gpr2
#endif
.endm
/*
 * kuep_unlock - clear the Nx (no-execute) bit in the segment registers of
 * the user segments.
 *
 * Mirror image of kuep_lock: reads the SR for address 0, masks out SR_NX and
 * writes the result to NUM_USER_SEGMENTS consecutive segments starting at
 * address 0. Clobbers gpr1, gpr2 and CTR. gpr2 must not be r0 because it is
 * handed to kuep_update_sr. Expands to nothing unless CONFIG_PPC_KUEP is set.
 */
.macro kuep_unlock	gpr1, gpr2
#ifdef CONFIG_PPC_KUEP
	li	\gpr1, NUM_USER_SEGMENTS
	li	\gpr2, 0			/* start at the segment holding address 0 */
	mtctr	\gpr1				/* loop count for kuep_update_sr */
	mfsrin	\gpr1, \gpr2			/* current SR value of the first segment */
	rlwinm	\gpr1, \gpr1, 0, ~SR_NX		/* Clear Nx */
	kuep_update_sr \gpr1, \gpr2
#endif
.endm

#ifdef CONFIG_PPC_KUAP

/*
 * kuap_update_sr - write a segment-register value to every segment from the
 * one selected by gpr2 up to the end address in gpr3.
 *
 * gpr1: SR value for the first segment.
 * gpr2: address selecting the first segment.
 * gpr3: end address (exclusive), compared as unsigned.
 *
 * The comparison is made after the write, so the first segment is always
 * written, even when gpr2 >= gpr3 on entry. Unlike the C helper of the same
 * name, gpr2 is not aligned down to a segment boundary here.
 * gpr1, gpr2 and CR0 are modified.
 *
 * NEVER pass r0 as gpr2: in addis an RA operand of r0 is read as the
 * constant 0 rather than the register contents.
 */
.macro kuap_update_sr	gpr1, gpr2, gpr3	/* NEVER use r0 as gpr2 due to addis */
101:	mtsrin	\gpr1, \gpr2			/* write the SR selected by gpr2 */
	addi	\gpr1, \gpr1, 0x111		/* next VSID */
	rlwinm	\gpr1, \gpr1, 0, 0xf0ffffff	/* clear VSID overflow */
	addis	\gpr2, \gpr2, 0x1000		/* address of next segment */
	cmplw	\gpr2, \gpr3			/* unsigned compare against the end */
	blt-	101b				/* loop while address < end */
	isync					/* context sync after the mtsrin sequence */
.endm
/*
 * kuap_save_and_lock - save the KUAP word of the thread into the stack frame
 * and close any open user-write window.
 *
 * sp:     base register for the STACK_REGS_KUAP save slot.
 * thread: base register for the KUAP offset (presumably thread_struct.kuap,
 *         the word written by allow_user_access() - confirm in asm-offsets).
 * gpr1-gpr3: scratch; gpr2 must not be r0 (it is passed to kuap_update_sr).
 *
 * KUAP word layout as produced by allow_user_access(): top nibble is the
 * first open segment, low nibble is the index just past the last open
 * segment, and 0 means nothing is open.
 *
 * The word is always saved. Only when its low nibble is non-zero is the
 * thread word zeroed and Ks set on every SR of the window. CR0 is modified.
 */
.macro kuap_save_and_lock	sp, thread, gpr1, gpr2, gpr3
	lwz	\gpr2, KUAP(\thread)		/* current window descriptor */
	rlwinm.	\gpr3, \gpr2, 28, 0xf0000000	/* gpr3 = low nibble moved to the top = end address; sets CR0 */
	stw	\gpr2, STACK_REGS_KUAP(\sp)	/* saved for kuap_restore */
	beq+	102f				/* end nibble is 0: no window open */
	li	\gpr1, 0
	stw	\gpr1, KUAP(\thread)		/* record "closed" before rewriting the SRs */
	mfsrin	\gpr1, \gpr2			/* SR of the first open segment */
	oris	\gpr1, \gpr1, SR_KS@h	/* set Ks */
	kuap_update_sr	\gpr1, \gpr2, \gpr3
102:
.endm
/*
 * kuap_restore - put back the KUAP state saved by kuap_save_and_lock.
 *
 * sp:      base register for the STACK_REGS_KUAP save slot.
 * current: base register for THREAD + KUAP.
 * gpr1-gpr3: scratch; gpr2 must not be r0 (it is passed to kuap_update_sr).
 *
 * The saved word is always written back to the thread. Only when its low
 * nibble (end segment) is non-zero is Ks cleared again on every SR of the
 * saved window, re-opening the window that was open when the state was
 * saved. CR0 is modified.
 */
.macro kuap_restore	sp, current, gpr1, gpr2, gpr3
	lwz	\gpr2, STACK_REGS_KUAP(\sp)	/* window descriptor saved on entry */
	rlwinm.	\gpr3, \gpr2, 28, 0xf0000000	/* gpr3 = low nibble moved to the top = end address; sets CR0 */
	stw	\gpr2, THREAD + KUAP(\current)	/* thread word restored unconditionally */
	beq+	102f				/* end nibble is 0: nothing to re-open */
	mfsrin	\gpr1, \gpr2			/* SR of the first segment of the window */
	rlwinm	\gpr1, \gpr1, 0, ~SR_KS	/* Clear Ks */
	kuap_update_sr	\gpr1, \gpr2, \gpr3
102:
.endm
/*
 * kuap_check - debug assertion that no user-write window is open.
 *
 * With CONFIG_PPC_KUAP_DEBUG set, loads the KUAP word of the current thread
 * and traps if it is non-zero; the bug-table entry flags the trap as a
 * warning that is reported once. Expands to nothing otherwise.
 * Clobbers gpr.
 */
.macro kuap_check	current, gpr
#ifdef CONFIG_PPC_KUAP_DEBUG
	lwz	\gpr, THREAD + KUAP(\current)
999:	twnei	\gpr, 0				/* trap when the KUAP word is not 0 */
	EMIT_BUG_ENTRY 999b, __FILE__, __LINE__, (BUGFLAG_WARNING | BUGFLAG_ONCE)
#endif
.endm

#endif /* CONFIG_PPC_KUAP */

#else /* !__ASSEMBLY__ */

#ifdef CONFIG_PPC_KUAP

#include <linux/sched.h>

/*
 * Write segment-register values for every 256MB segment that overlaps
 * [addr, end).
 *
 * sr:   value for the first segment; for each following segment it is
 *       stepped by 0x111 (next VSID) and masked to drop VSID overflow.
 * addr: any address inside the first segment; aligned down to the segment
 *       start here.
 * end:  exclusive end address. When end is not above the aligned addr, no
 *       segment register is written.
 *
 * The callers in this file store current->thread.kuap just before calling;
 * barrier() keeps the compiler from moving that store past the SR writes.
 */
static inline void kuap_update_sr(u32 sr, u32 addr, u32 end)
{
	addr &= 0xf0000000;	/* align addr to start of segment */
	barrier();	/* make sure thread.kuap is updated before playing with SRs */
	while (addr < end) {
		mtsrin(sr, addr);
		sr += 0x111;		/* next VSID */
		sr &= 0xf0ffffff;	/* clear VSID overflow */
		addr += 0x10000000;	/* address of next segment */
	}
	isync();	/* Context sync required after mtsrin() */
}
/*
 * Open a kernel write window onto user memory for the current thread.
 *
 * to:   user destination pointer; start of the range to open.
 * from: not used by this implementation.
 * size: length of the range in bytes.
 * dir:  compile-time constant made of KUAP_READ_WRITE bits only.
 *
 * Only the write direction is gated here: when dir lacks KUAP_WRITE the
 * function returns without touching any segment register. It also does
 * nothing when size is 0 or to is at or above TASK_SIZE.
 *
 * The window has segment granularity: Ks is cleared on every 256MB segment
 * overlapping [to, to + size), clamped to TASK_SIZE, so more than the
 * requested bytes is opened until prevent_user_access() runs.
 *
 * current->thread.kuap records the window: top nibble = first segment, low
 * nibble = index just past the last segment.
 */
static __always_inline void allow_user_access(void __user *to, const void __user *from,
					      u32 size, unsigned long dir)
{
	u32 addr, end;

	/* dir must be known at build time and contain no bits beyond read/write */
	BUILD_BUG_ON(!__builtin_constant_p(dir));
	BUILD_BUG_ON(dir & ~KUAP_READ_WRITE);

	/* read-only access is not gated by this implementation */
	if (!(dir & KUAP_WRITE))
		return;

	addr = (__force u32)to;

	if (unlikely(addr >= TASK_SIZE || !size))
		return;

	/*
	 * NOTE(review): addr + size is 32-bit arithmetic. If it could wrap, end
	 * would fall below addr and kuap_update_sr() would write no SR while
	 * thread.kuap is still updated below. Presumably callers have already
	 * range-checked the access - confirm.
	 */
	end = min(addr + size, TASK_SIZE);

	/* record the window before the SRs change; kuap_update_sr() has the barrier */
	current->thread.kuap = (addr & 0xf0000000) | ((((end - 1) >> 28) + 1) & 0xf);
	kuap_update_sr(mfsrin(addr) & ~SR_KS, addr, end);	/* Clear Ks */
}
/*
 * Close a kernel write window onto user memory for the current thread.
 *
 * to:   user pointer giving the start of the range (KUAP_WRITE case only).
 * from: not used by this implementation.
 * size: length of the range in bytes (KUAP_WRITE case only).
 * dir:  compile-time constant selecting how the range is found.
 *
 * With KUAP_CURRENT_WRITE the range is taken from current->thread.kuap and
 * nothing is done if that word is 0. Otherwise, with KUAP_WRITE, the range
 * is recomputed from to and size. Any other dir returns without touching
 * the segment registers.
 *
 * On the locking path thread.kuap is zeroed first, then Ks is set on every
 * 256MB segment overlapping the range.
 *
 * NOTE(review): in the KUAP_WRITE case the range comes from the arguments,
 * not from the recorded window. A range narrower than the one passed to
 * allow_user_access() would leave segments with Ks clear while thread.kuap
 * reads 0 - confirm that callers always pair identical arguments.
 */
static __always_inline void prevent_user_access(void __user *to, const void __user *from,
						u32 size, unsigned long dir)
{
	u32 addr, end;

	/* dir must be known at build time so the branches below fold away */
	BUILD_BUG_ON(!__builtin_constant_p(dir));

	if (dir & KUAP_CURRENT_WRITE) {
		u32 kuap = current->thread.kuap;

		/* no window recorded: nothing to close */
		if (unlikely(!kuap))
			return;

		addr = kuap & 0xf0000000;	/* top nibble: first open segment */
		end = kuap << 28;		/* low nibble moved up: exclusive end */
	} else if (dir & KUAP_WRITE) {
		addr = (__force u32)to;
		/* NOTE(review): 32-bit sum, same wrap consideration as allow_user_access() */
		end = min(addr + size, TASK_SIZE);

		if (unlikely(addr >= TASK_SIZE || !size))
			return;
	} else {
		/* read-only access is not gated by this implementation */
		return;
	}

	/* record "closed" before the SRs change; kuap_update_sr() has the barrier */
	current->thread.kuap = 0;
	kuap_update_sr(mfsrin(addr) | SR_KS, addr, end);	/* set Ks */
}
/*
 * Close whatever write window the current thread has open and return the
 * previous thread.kuap word, so that restore_user_access() can re-open the
 * same window later. Returns 0, and touches no segment register, when no
 * window was open.
 */
static inline unsigned long prevent_user_access_return(void)
{
	unsigned long saved = current->thread.kuap;
	unsigned long first, limit;
	void __user *uaddr;

	if (!saved)
		return saved;

	first = saved & 0xf0000000;	/* top nibble: first open segment */
	limit = saved << 28;		/* low nibble moved up: exclusive end */
	uaddr = (__force void __user *)first;

	prevent_user_access(uaddr, uaddr, limit - first, KUAP_READ_WRITE);

	return saved;
}
/*
 * Re-open the write window described by flags, a thread.kuap word as
 * returned by prevent_user_access_return(). A value of 0 means no window
 * was open and nothing is done.
 */
static inline void restore_user_access(unsigned long flags)
{
	unsigned long first, limit;
	void __user *uaddr;

	if (!flags)
		return;

	first = flags & 0xf0000000;	/* top nibble: first segment of the window */
	limit = flags << 28;		/* low nibble moved up: exclusive end */
	uaddr = (__force void __user *)first;

	allow_user_access(uaddr, uaddr, limit - first, KUAP_READ_WRITE);
}
/*
 * Tell the fault handler whether a fault was caused by KUAP.
 *
 * Read faults are never attributed to KUAP here. For a write fault the
 * address is checked against the window saved in regs->kuap (top nibble =
 * first segment, low nibble = exclusive end segment): an address outside
 * that window triggers the warning and makes the function return true.
 */
static inline bool
bad_kuap_fault(struct pt_regs *regs, unsigned long address, bool is_write)
{
	unsigned long win_start, win_end;

	if (!is_write)
		return false;

	win_start = regs->kuap & 0xf0000000;
	win_end = regs->kuap << 28;

	return WARN(address < win_start || address >= win_end,
		    "Bug: write fault blocked by segment registers !");
}

#endif /* CONFIG_PPC_KUAP */

#endif /* __ASSEMBLY__ */

#endif /* _ASM_POWERPC_BOOK3S_32_KUP_H */