]>
Commit | Line | Data |
---|---|---|
b2441318 | 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
5f23f6d0 DH |
2 | #ifndef _PKEYS_HELPER_H |
3 | #define _PKEYS_HELPER_H | |
4 | #define _GNU_SOURCE | |
5 | #include <string.h> | |
6 | #include <stdarg.h> | |
7 | #include <stdio.h> | |
8 | #include <stdint.h> | |
9 | #include <stdbool.h> | |
10 | #include <signal.h> | |
11 | #include <assert.h> | |
12 | #include <stdlib.h> | |
13 | #include <ucontext.h> | |
14 | #include <sys/mman.h> | |
15 | ||
16 | #define NR_PKEYS 16 | |
17 | #define PKRU_BITS_PER_PKEY 2 | |
18 | ||
19 | #ifndef DEBUG_LEVEL | |
20 | #define DEBUG_LEVEL 0 | |
21 | #endif | |
22 | #define DPRINT_IN_SIGNAL_BUF_SIZE 4096 | |
23 | extern int dprint_in_signal; | |
24 | extern char dprint_in_signal_buffer[DPRINT_IN_SIGNAL_BUF_SIZE]; | |
25 | static inline void sigsafe_printf(const char *format, ...) | |
26 | { | |
27 | va_list ap; | |
28 | ||
29 | va_start(ap, format); | |
30 | if (!dprint_in_signal) { | |
31 | vprintf(format, ap); | |
32 | } else { | |
33 | int len = vsnprintf(dprint_in_signal_buffer, | |
34 | DPRINT_IN_SIGNAL_BUF_SIZE, | |
35 | format, ap); | |
36 | /* | |
37 | * len is amount that would have been printed, | |
38 | * but actual write is truncated at BUF_SIZE. | |
39 | */ | |
40 | if (len > DPRINT_IN_SIGNAL_BUF_SIZE) | |
41 | len = DPRINT_IN_SIGNAL_BUF_SIZE; | |
42 | write(1, dprint_in_signal_buffer, len); | |
43 | } | |
44 | va_end(ap); | |
45 | } | |
46 | #define dprintf_level(level, args...) do { \ | |
47 | if (level <= DEBUG_LEVEL) \ | |
48 | sigsafe_printf(args); \ | |
49 | fflush(NULL); \ | |
50 | } while (0) | |
51 | #define dprintf0(args...) dprintf_level(0, args) | |
52 | #define dprintf1(args...) dprintf_level(1, args) | |
53 | #define dprintf2(args...) dprintf_level(2, args) | |
54 | #define dprintf3(args...) dprintf_level(3, args) | |
55 | #define dprintf4(args...) dprintf_level(4, args) | |
56 | ||
57 | extern unsigned int shadow_pkru; | |
58 | static inline unsigned int __rdpkru(void) | |
59 | { | |
60 | unsigned int eax, edx; | |
61 | unsigned int ecx = 0; | |
62 | unsigned int pkru; | |
63 | ||
64 | asm volatile(".byte 0x0f,0x01,0xee\n\t" | |
65 | : "=a" (eax), "=d" (edx) | |
66 | : "c" (ecx)); | |
67 | pkru = eax; | |
68 | return pkru; | |
69 | } | |
70 | ||
71 | static inline unsigned int _rdpkru(int line) | |
72 | { | |
73 | unsigned int pkru = __rdpkru(); | |
74 | ||
75 | dprintf4("rdpkru(line=%d) pkru: %x shadow: %x\n", | |
76 | line, pkru, shadow_pkru); | |
77 | assert(pkru == shadow_pkru); | |
78 | ||
79 | return pkru; | |
80 | } | |
81 | ||
82 | #define rdpkru() _rdpkru(__LINE__) | |
83 | ||
84 | static inline void __wrpkru(unsigned int pkru) | |
85 | { | |
86 | unsigned int eax = pkru; | |
87 | unsigned int ecx = 0; | |
88 | unsigned int edx = 0; | |
89 | ||
90 | dprintf4("%s() changing %08x to %08x\n", __func__, __rdpkru(), pkru); | |
91 | asm volatile(".byte 0x0f,0x01,0xef\n\t" | |
92 | : : "a" (eax), "c" (ecx), "d" (edx)); | |
93 | assert(pkru == __rdpkru()); | |
94 | } | |
95 | ||
96 | static inline void wrpkru(unsigned int pkru) | |
97 | { | |
98 | dprintf4("%s() changing %08x to %08x\n", __func__, __rdpkru(), pkru); | |
99 | /* will do the shadow check for us: */ | |
100 | rdpkru(); | |
101 | __wrpkru(pkru); | |
102 | shadow_pkru = pkru; | |
103 | dprintf4("%s(%08x) pkru: %08x\n", __func__, pkru, __rdpkru()); | |
104 | } | |
105 | ||
106 | /* | |
107 | * These are technically racy. since something could | |
108 | * change PKRU between the read and the write. | |
109 | */ | |
110 | static inline void __pkey_access_allow(int pkey, int do_allow) | |
111 | { | |
112 | unsigned int pkru = rdpkru(); | |
113 | int bit = pkey * 2; | |
114 | ||
115 | if (do_allow) | |
116 | pkru &= (1<<bit); | |
117 | else | |
118 | pkru |= (1<<bit); | |
119 | ||
120 | dprintf4("pkru now: %08x\n", rdpkru()); | |
121 | wrpkru(pkru); | |
122 | } | |
123 | ||
124 | static inline void __pkey_write_allow(int pkey, int do_allow_write) | |
125 | { | |
126 | long pkru = rdpkru(); | |
127 | int bit = pkey * 2 + 1; | |
128 | ||
129 | if (do_allow_write) | |
130 | pkru &= (1<<bit); | |
131 | else | |
132 | pkru |= (1<<bit); | |
133 | ||
134 | wrpkru(pkru); | |
135 | dprintf4("pkru now: %08x\n", rdpkru()); | |
136 | } | |
137 | ||
138 | #define PROT_PKEY0 0x10 /* protection key value (bit 0) */ | |
139 | #define PROT_PKEY1 0x20 /* protection key value (bit 1) */ | |
140 | #define PROT_PKEY2 0x40 /* protection key value (bit 2) */ | |
141 | #define PROT_PKEY3 0x80 /* protection key value (bit 3) */ | |
142 | ||
143 | #define PAGE_SIZE 4096 | |
144 | #define MB (1<<20) | |
145 | ||
146 | static inline void __cpuid(unsigned int *eax, unsigned int *ebx, | |
147 | unsigned int *ecx, unsigned int *edx) | |
148 | { | |
149 | /* ecx is often an input as well as an output. */ | |
150 | asm volatile( | |
151 | "cpuid;" | |
152 | : "=a" (*eax), | |
153 | "=b" (*ebx), | |
154 | "=c" (*ecx), | |
155 | "=d" (*edx) | |
156 | : "0" (*eax), "2" (*ecx)); | |
157 | } | |
158 | ||
159 | /* Intel-defined CPU features, CPUID level 0x00000007:0 (ecx) */ | |
160 | #define X86_FEATURE_PKU (1<<3) /* Protection Keys for Userspace */ | |
161 | #define X86_FEATURE_OSPKE (1<<4) /* OS Protection Keys Enable */ | |
162 | ||
163 | static inline int cpu_has_pku(void) | |
164 | { | |
165 | unsigned int eax; | |
166 | unsigned int ebx; | |
167 | unsigned int ecx; | |
168 | unsigned int edx; | |
169 | ||
170 | eax = 0x7; | |
171 | ecx = 0x0; | |
172 | __cpuid(&eax, &ebx, &ecx, &edx); | |
173 | ||
174 | if (!(ecx & X86_FEATURE_PKU)) { | |
175 | dprintf2("cpu does not have PKU\n"); | |
176 | return 0; | |
177 | } | |
178 | if (!(ecx & X86_FEATURE_OSPKE)) { | |
179 | dprintf2("cpu does not have OSPKE\n"); | |
180 | return 0; | |
181 | } | |
182 | return 1; | |
183 | } | |
184 | ||
185 | #define XSTATE_PKRU_BIT (9) | |
186 | #define XSTATE_PKRU 0x200 | |
187 | ||
188 | int pkru_xstate_offset(void) | |
189 | { | |
190 | unsigned int eax; | |
191 | unsigned int ebx; | |
192 | unsigned int ecx; | |
193 | unsigned int edx; | |
194 | int xstate_offset; | |
195 | int xstate_size; | |
196 | unsigned long XSTATE_CPUID = 0xd; | |
197 | int leaf; | |
198 | ||
199 | /* assume that XSTATE_PKRU is set in XCR0 */ | |
200 | leaf = XSTATE_PKRU_BIT; | |
201 | { | |
202 | eax = XSTATE_CPUID; | |
203 | ecx = leaf; | |
204 | __cpuid(&eax, &ebx, &ecx, &edx); | |
205 | ||
206 | if (leaf == XSTATE_PKRU_BIT) { | |
207 | xstate_offset = ebx; | |
208 | xstate_size = eax; | |
209 | } | |
210 | } | |
211 | ||
212 | if (xstate_size == 0) { | |
213 | printf("could not find size/offset of PKRU in xsave state\n"); | |
214 | return 0; | |
215 | } | |
216 | ||
217 | return xstate_offset; | |
218 | } | |
219 | ||
220 | #endif /* _PKEYS_HELPER_H */ |