From: Dave Hansen <dave.hansen@linux.intel.com> To: linux-mm@kvack.org Cc: linux-kernel@vger.kernel.org, Dave Hansen <dave.hansen@linux.intel.com>, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, x86@kernel.org, luto@kernel.org Subject: [RFC][PATCH 8/8] x86/pkeys: remove init_pkru_value variable Date: Tue, 22 Jun 2021 15:25:10 -0700 [thread overview] Message-ID: <20210622222510.0E201C34@viggo.jf.intel.com> (raw) In-Reply-To: <20210622222455.E901B5AC@viggo.jf.intel.com> From: Dave Hansen <dave.hansen@linux.intel.com> The kernel maintains a "default" PKRU value. This is logically similar to the hardware "init state", but the kernel chose a more restrictive value. This default is stored in a variable: 'init_pkru_value'. The default is also mirrored into the 'init_task' so that the value is picked up by things like new kernel threads. Both copies are not needed. Remove the variable and depend instead on the copy inside the 'init_task'. Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Ingo Molnar <mingo@redhat.com> Cc: Borislav Petkov <bp@alien8.de> Cc: x86@kernel.org Cc: Andy Lutomirski <luto@kernel.org> --- b/arch/x86/include/asm/pkru.h | 5 ++--- b/arch/x86/kernel/cpu/common.c | 22 ++++++++++++++++++---- b/arch/x86/mm/pkeys.c | 19 ++----------------- 3 files changed, 22 insertions(+), 24 deletions(-) diff -puN arch/x86/include/asm/pkru.h~axe-init_pkru_value arch/x86/include/asm/pkru.h --- a/arch/x86/include/asm/pkru.h~axe-init_pkru_value 2021-06-22 14:49:14.772051742 -0700 +++ b/arch/x86/include/asm/pkru.h 2021-06-22 14:49:14.781051742 -0700 @@ -2,6 +2,7 @@ #ifndef _ASM_X86_PKRU_H #define _ASM_X86_PKRU_H +#include <linux/sched/task.h> #include <asm/fpu/xstate.h> #define PKRU_AD_BIT 0x1 @@ -9,10 +10,8 @@ #define PKRU_BITS_PER_PKEY 2 #ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS -extern u32 init_pkru_value; -#define pkru_get_init_value() READ_ONCE(init_pkru_value) +#define pkru_get_init_value() READ_ONCE(init_task.thread.pkru) #else -#define init_pkru_value 0 #define pkru_get_init_value() 0 #endif diff -puN arch/x86/kernel/cpu/common.c~axe-init_pkru_value arch/x86/kernel/cpu/common.c --- a/arch/x86/kernel/cpu/common.c~axe-init_pkru_value 2021-06-22 14:49:14.774051742 -0700 +++ b/arch/x86/kernel/cpu/common.c 2021-06-22 14:49:14.782051742 -0700 @@ -464,6 +464,8 @@ __setup("nofsgsbase", x86_nofsgsbase_set */ static bool pku_disabled; +#define PKRU_AD_KEY(pkey) (PKRU_AD_BIT << ((pkey) * PKRU_BITS_PER_PKEY)) + static __always_inline void setup_pku(struct cpuinfo_x86 *c) { if (c == &boot_cpu_data) { @@ -480,11 +482,23 @@ static __always_inline void setup_pku(st } cr4_set_bits(X86_CR4_PKE); - /* Load the default PKRU value */ - pkru_write_default(); - /* Establish the default value for future tasks: */ - init_task.thread.pkru = init_pkru_value; + /* + * Establish the default value for future tasks. + * + * This is as restrictive as possible. It ensures that a threads + * clone()'d early in a process's lifetime will not accidentally + * get access to data which is pkey-protected later on. + */ + init_task.thread.pkru = + PKRU_AD_KEY( 1) | PKRU_AD_KEY( 2) | PKRU_AD_KEY( 3) | + PKRU_AD_KEY( 4) | PKRU_AD_KEY( 5) | PKRU_AD_KEY( 6) | + PKRU_AD_KEY( 7) | PKRU_AD_KEY( 8) | PKRU_AD_KEY( 9) | + PKRU_AD_KEY(10) | PKRU_AD_KEY(11) | PKRU_AD_KEY(12) | + PKRU_AD_KEY(13) | PKRU_AD_KEY(14) | PKRU_AD_KEY(15); + + /* Load the default PKRU value into this CPU's register: */ + pkru_write_default(); } #ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS diff -puN arch/x86/mm/pkeys.c~axe-init_pkru_value arch/x86/mm/pkeys.c --- a/arch/x86/mm/pkeys.c~axe-init_pkru_value 2021-06-22 14:49:14.778051742 -0700 +++ b/arch/x86/mm/pkeys.c 2021-06-22 14:49:14.782051742 -0700 @@ -110,27 +110,13 @@ int __arch_override_mprotect_pkey(struct return vma_pkey(vma); } -#define PKRU_AD_KEY(pkey) (PKRU_AD_BIT << ((pkey) * PKRU_BITS_PER_PKEY)) - -/* - * Make the default PKRU value (at execve() time) as restrictive - * as possible. This ensures that any threads clone()'d early - * in the process's lifetime will not accidentally get access - * to data which is pkey-protected later on. - */ -u32 init_pkru_value = PKRU_AD_KEY( 1) | PKRU_AD_KEY( 2) | PKRU_AD_KEY( 3) | - PKRU_AD_KEY( 4) | PKRU_AD_KEY( 5) | PKRU_AD_KEY( 6) | - PKRU_AD_KEY( 7) | PKRU_AD_KEY( 8) | PKRU_AD_KEY( 9) | - PKRU_AD_KEY(10) | PKRU_AD_KEY(11) | PKRU_AD_KEY(12) | - PKRU_AD_KEY(13) | PKRU_AD_KEY(14) | PKRU_AD_KEY(15); - static ssize_t init_pkru_read_file(struct file *file, char __user *user_buf, size_t count, loff_t *ppos) { char buf[32]; unsigned int len; - len = sprintf(buf, "0x%x\n", init_pkru_value); + len = sprintf(buf, "0x%x\n", init_task.thread.pkru); return simple_read_from_buffer(user_buf, count, ppos, buf, len); } @@ -158,7 +144,6 @@ static ssize_t init_pkru_write_file(stru if (new_init_pkru & (PKRU_AD_BIT|PKRU_WD_BIT)) return -EINVAL; - WRITE_ONCE(init_pkru_value, new_init_pkru); WRITE_ONCE(init_task.thread.pkru, new_init_pkru); return count; @@ -185,7 +170,7 @@ static __init int setup_init_pkru(char * if (kstrtouint(opt, 0, &new_init_pkru)) return 1; - WRITE_ONCE(init_pkru_value, new_init_pkru); + WRITE_ONCE(init_task.thread.pkru, new_init_pkru); return 1; } _
WARNING: multiple messages have this Message-ID (diff)
From: Dave Hansen <dave.hansen@linux.intel.com> To: linux-mm@kvack.org Cc: linux-kernel@vger.kernel.org,Dave Hansen <dave.hansen@linux.intel.com>,tglx@linutronix.de,mingo@redhat.com,bp@alien8.de,x86@kernel.org,luto@kernel.org Subject: [RFC][PATCH 8/8] x86/pkeys: remove init_pkru_value variable Date: Tue, 22 Jun 2021 15:25:10 -0700 [thread overview] Message-ID: <20210622222510.0E201C34@viggo.jf.intel.com> (raw) In-Reply-To: <20210622222455.E901B5AC@viggo.jf.intel.com> From: Dave Hansen <dave.hansen@linux.intel.com> The kernel maintains a "default" PKRU value. This is logically similar to the hardware "init state", but the kernel chose a more restrictive value. This default is stored in a variable: 'init_pkru_value'. The default is also mirrored into the 'init_task' so that the value is picked up by things like new kernel threads. Both copies are not needed. Remove the variable and depend instead on the copy inside the 'init_task'. Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Ingo Molnar <mingo@redhat.com> Cc: Borislav Petkov <bp@alien8.de> Cc: x86@kernel.org Cc: Andy Lutomirski <luto@kernel.org> --- b/arch/x86/include/asm/pkru.h | 5 ++--- b/arch/x86/kernel/cpu/common.c | 22 ++++++++++++++++++---- b/arch/x86/mm/pkeys.c | 19 ++----------------- 3 files changed, 22 insertions(+), 24 deletions(-) diff -puN arch/x86/include/asm/pkru.h~axe-init_pkru_value arch/x86/include/asm/pkru.h --- a/arch/x86/include/asm/pkru.h~axe-init_pkru_value 2021-06-22 14:49:14.772051742 -0700 +++ b/arch/x86/include/asm/pkru.h 2021-06-22 14:49:14.781051742 -0700 @@ -2,6 +2,7 @@ #ifndef _ASM_X86_PKRU_H #define _ASM_X86_PKRU_H +#include <linux/sched/task.h> #include <asm/fpu/xstate.h> #define PKRU_AD_BIT 0x1 @@ -9,10 +10,8 @@ #define PKRU_BITS_PER_PKEY 2 #ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS -extern u32 init_pkru_value; -#define pkru_get_init_value() READ_ONCE(init_pkru_value) +#define pkru_get_init_value() READ_ONCE(init_task.thread.pkru) #else -#define init_pkru_value 0 #define pkru_get_init_value() 0 #endif diff -puN arch/x86/kernel/cpu/common.c~axe-init_pkru_value arch/x86/kernel/cpu/common.c --- a/arch/x86/kernel/cpu/common.c~axe-init_pkru_value 2021-06-22 14:49:14.774051742 -0700 +++ b/arch/x86/kernel/cpu/common.c 2021-06-22 14:49:14.782051742 -0700 @@ -464,6 +464,8 @@ __setup("nofsgsbase", x86_nofsgsbase_set */ static bool pku_disabled; +#define PKRU_AD_KEY(pkey) (PKRU_AD_BIT << ((pkey) * PKRU_BITS_PER_PKEY)) + static __always_inline void setup_pku(struct cpuinfo_x86 *c) { if (c == &boot_cpu_data) { @@ -480,11 +482,23 @@ static __always_inline void setup_pku(st } cr4_set_bits(X86_CR4_PKE); - /* Load the default PKRU value */ - pkru_write_default(); - /* Establish the default value for future tasks: */ - init_task.thread.pkru = init_pkru_value; + /* + * Establish the default value for future tasks. + * + * This is as restrictive as possible. It ensures that a threads + * clone()'d early in a process's lifetime will not accidentally + * get access to data which is pkey-protected later on. + */ + init_task.thread.pkru = + PKRU_AD_KEY( 1) | PKRU_AD_KEY( 2) | PKRU_AD_KEY( 3) | + PKRU_AD_KEY( 4) | PKRU_AD_KEY( 5) | PKRU_AD_KEY( 6) | + PKRU_AD_KEY( 7) | PKRU_AD_KEY( 8) | PKRU_AD_KEY( 9) | + PKRU_AD_KEY(10) | PKRU_AD_KEY(11) | PKRU_AD_KEY(12) | + PKRU_AD_KEY(13) | PKRU_AD_KEY(14) | PKRU_AD_KEY(15); + + /* Load the default PKRU value into this CPU's register: */ + pkru_write_default(); } #ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS diff -puN arch/x86/mm/pkeys.c~axe-init_pkru_value arch/x86/mm/pkeys.c --- a/arch/x86/mm/pkeys.c~axe-init_pkru_value 2021-06-22 14:49:14.778051742 -0700 +++ b/arch/x86/mm/pkeys.c 2021-06-22 14:49:14.782051742 -0700 @@ -110,27 +110,13 @@ int __arch_override_mprotect_pkey(struct return vma_pkey(vma); } -#define PKRU_AD_KEY(pkey) (PKRU_AD_BIT << ((pkey) * PKRU_BITS_PER_PKEY)) - -/* - * Make the default PKRU value (at execve() time) as restrictive - * as possible. This ensures that any threads clone()'d early - * in the process's lifetime will not accidentally get access - * to data which is pkey-protected later on. - */ -u32 init_pkru_value = PKRU_AD_KEY( 1) | PKRU_AD_KEY( 2) | PKRU_AD_KEY( 3) | - PKRU_AD_KEY( 4) | PKRU_AD_KEY( 5) | PKRU_AD_KEY( 6) | - PKRU_AD_KEY( 7) | PKRU_AD_KEY( 8) | PKRU_AD_KEY( 9) | - PKRU_AD_KEY(10) | PKRU_AD_KEY(11) | PKRU_AD_KEY(12) | - PKRU_AD_KEY(13) | PKRU_AD_KEY(14) | PKRU_AD_KEY(15); - static ssize_t init_pkru_read_file(struct file *file, char __user *user_buf, size_t count, loff_t *ppos) { char buf[32]; unsigned int len; - len = sprintf(buf, "0x%x\n", init_pkru_value); + len = sprintf(buf, "0x%x\n", init_task.thread.pkru); return simple_read_from_buffer(user_buf, count, ppos, buf, len); } @@ -158,7 +144,6 @@ static ssize_t init_pkru_write_file(stru if (new_init_pkru & (PKRU_AD_BIT|PKRU_WD_BIT)) return -EINVAL; - WRITE_ONCE(init_pkru_value, new_init_pkru); WRITE_ONCE(init_task.thread.pkru, new_init_pkru); return count; @@ -185,7 +170,7 @@ static __init int setup_init_pkru(char * if (kstrtouint(opt, 0, &new_init_pkru)) return 1; - WRITE_ONCE(init_pkru_value, new_init_pkru); + WRITE_ONCE(init_task.thread.pkru, new_init_pkru); return 1; } _
next prev parent reply other threads:[~2021-06-22 22:26 UTC|newest] Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-06-22 22:24 [RFC][PATCH 0/8] x86/pkeys: remove PKRU from kernel XSAVE buffer Dave Hansen 2021-06-22 22:24 ` Dave Hansen 2021-06-22 22:24 ` [RFC][PATCH 1/8] x86/pkeys: add PKRU storage outside of task " Dave Hansen 2021-06-22 22:24 ` Dave Hansen 2021-06-22 22:24 ` [RFC][PATCH 2/8] x86/fpu: hook up PKRU into signal user ABIs Dave Hansen 2021-06-22 22:24 ` Dave Hansen 2021-06-22 22:25 ` [RFC][PATCH 3/8] x86/fpu: separate the setup of xfeatures not in fpstate Dave Hansen 2021-06-22 22:25 ` Dave Hansen 2021-06-22 22:25 ` [RFC][PATCH 4/8] x86/fpu: remove PKRU from FPU user state clearing Dave Hansen 2021-06-22 22:25 ` Dave Hansen 2021-06-22 22:25 ` [RFC][PATCH 5/8] x86/fpu: XSAVE buffer access routine rename Dave Hansen 2021-06-22 22:25 ` Dave Hansen 2021-06-22 22:25 ` [RFC][PATCH 6/8] x86/fpu: update xstate size calculations for non-XSAVE-managed features Dave Hansen 2021-06-22 22:25 ` Dave Hansen 2021-06-22 22:25 ` [RFC][PATCH 7/8] x86/fpu: actually stop using XSAVE on PKRU Dave Hansen 2021-06-22 22:25 ` Dave Hansen 2021-06-22 22:25 ` Dave Hansen [this message] 2021-06-22 22:25 ` [RFC][PATCH 8/8] x86/pkeys: remove init_pkru_value variable Dave Hansen
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20210622222510.0E201C34@viggo.jf.intel.com \ --to=dave.hansen@linux.intel.com \ --cc=bp@alien8.de \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=luto@kernel.org \ --cc=mingo@redhat.com \ --cc=tglx@linutronix.de \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.