]>
Commit | Line | Data |
---|---|---|
b2441318 | 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
5f23f6d0 DH |
2 | #ifndef _PKEYS_HELPER_H |
3 | #define _PKEYS_HELPER_H | |
4 | #define _GNU_SOURCE | |
5 | #include <string.h> | |
6 | #include <stdarg.h> | |
7 | #include <stdio.h> | |
8 | #include <stdint.h> | |
9 | #include <stdbool.h> | |
10 | #include <signal.h> | |
11 | #include <assert.h> | |
12 | #include <stdlib.h> | |
13 | #include <ucontext.h> | |
14 | #include <sys/mman.h> | |
15 | ||
16 | #define NR_PKEYS 16 | |
17 | #define PKRU_BITS_PER_PKEY 2 | |
18 | ||
19 | #ifndef DEBUG_LEVEL | |
20 | #define DEBUG_LEVEL 0 | |
21 | #endif | |
22 | #define DPRINT_IN_SIGNAL_BUF_SIZE 4096 | |
23 | extern int dprint_in_signal; | |
24 | extern char dprint_in_signal_buffer[DPRINT_IN_SIGNAL_BUF_SIZE]; | |
25 | static inline void sigsafe_printf(const char *format, ...) | |
26 | { | |
27 | va_list ap; | |
28 | ||
5f23f6d0 | 29 | if (!dprint_in_signal) { |
caf9eb6b | 30 | va_start(ap, format); |
5f23f6d0 | 31 | vprintf(format, ap); |
caf9eb6b | 32 | va_end(ap); |
5f23f6d0 | 33 | } else { |
7b659ee3 | 34 | int ret; |
5f23f6d0 | 35 | /* |
caf9eb6b DH |
36 | * No printf() functions are signal-safe. |
37 | * They deadlock easily. Write the format | |
38 | * string to get some output, even if | |
39 | * incomplete. | |
5f23f6d0 | 40 | */ |
caf9eb6b | 41 | ret = write(1, format, strlen(format)); |
7b659ee3 | 42 | if (ret < 0) |
caf9eb6b | 43 | exit(1); |
5f23f6d0 | 44 | } |
5f23f6d0 DH |
45 | } |
46 | #define dprintf_level(level, args...) do { \ | |
47 | if (level <= DEBUG_LEVEL) \ | |
48 | sigsafe_printf(args); \ | |
5f23f6d0 DH |
49 | } while (0) |
50 | #define dprintf0(args...) dprintf_level(0, args) | |
51 | #define dprintf1(args...) dprintf_level(1, args) | |
52 | #define dprintf2(args...) dprintf_level(2, args) | |
53 | #define dprintf3(args...) dprintf_level(3, args) | |
54 | #define dprintf4(args...) dprintf_level(4, args) | |
55 | ||
56 | extern unsigned int shadow_pkru; | |
57 | static inline unsigned int __rdpkru(void) | |
58 | { | |
59 | unsigned int eax, edx; | |
60 | unsigned int ecx = 0; | |
61 | unsigned int pkru; | |
62 | ||
63 | asm volatile(".byte 0x0f,0x01,0xee\n\t" | |
64 | : "=a" (eax), "=d" (edx) | |
65 | : "c" (ecx)); | |
66 | pkru = eax; | |
67 | return pkru; | |
68 | } | |
69 | ||
70 | static inline unsigned int _rdpkru(int line) | |
71 | { | |
72 | unsigned int pkru = __rdpkru(); | |
73 | ||
74 | dprintf4("rdpkru(line=%d) pkru: %x shadow: %x\n", | |
75 | line, pkru, shadow_pkru); | |
76 | assert(pkru == shadow_pkru); | |
77 | ||
78 | return pkru; | |
79 | } | |
80 | ||
81 | #define rdpkru() _rdpkru(__LINE__) | |
82 | ||
83 | static inline void __wrpkru(unsigned int pkru) | |
84 | { | |
85 | unsigned int eax = pkru; | |
86 | unsigned int ecx = 0; | |
87 | unsigned int edx = 0; | |
88 | ||
89 | dprintf4("%s() changing %08x to %08x\n", __func__, __rdpkru(), pkru); | |
90 | asm volatile(".byte 0x0f,0x01,0xef\n\t" | |
91 | : : "a" (eax), "c" (ecx), "d" (edx)); | |
92 | assert(pkru == __rdpkru()); | |
93 | } | |
94 | ||
95 | static inline void wrpkru(unsigned int pkru) | |
96 | { | |
97 | dprintf4("%s() changing %08x to %08x\n", __func__, __rdpkru(), pkru); | |
98 | /* will do the shadow check for us: */ | |
99 | rdpkru(); | |
100 | __wrpkru(pkru); | |
101 | shadow_pkru = pkru; | |
102 | dprintf4("%s(%08x) pkru: %08x\n", __func__, pkru, __rdpkru()); | |
103 | } | |
104 | ||
105 | /* | |
106 | * These are technically racy. since something could | |
107 | * change PKRU between the read and the write. | |
108 | */ | |
109 | static inline void __pkey_access_allow(int pkey, int do_allow) | |
110 | { | |
111 | unsigned int pkru = rdpkru(); | |
112 | int bit = pkey * 2; | |
113 | ||
114 | if (do_allow) | |
115 | pkru &= (1<<bit); | |
116 | else | |
117 | pkru |= (1<<bit); | |
118 | ||
119 | dprintf4("pkru now: %08x\n", rdpkru()); | |
120 | wrpkru(pkru); | |
121 | } | |
122 | ||
123 | static inline void __pkey_write_allow(int pkey, int do_allow_write) | |
124 | { | |
125 | long pkru = rdpkru(); | |
126 | int bit = pkey * 2 + 1; | |
127 | ||
128 | if (do_allow_write) | |
129 | pkru &= (1<<bit); | |
130 | else | |
131 | pkru |= (1<<bit); | |
132 | ||
133 | wrpkru(pkru); | |
134 | dprintf4("pkru now: %08x\n", rdpkru()); | |
135 | } | |
136 | ||
137 | #define PROT_PKEY0 0x10 /* protection key value (bit 0) */ | |
138 | #define PROT_PKEY1 0x20 /* protection key value (bit 1) */ | |
139 | #define PROT_PKEY2 0x40 /* protection key value (bit 2) */ | |
140 | #define PROT_PKEY3 0x80 /* protection key value (bit 3) */ | |
141 | ||
142 | #define PAGE_SIZE 4096 | |
143 | #define MB (1<<20) | |
144 | ||
145 | static inline void __cpuid(unsigned int *eax, unsigned int *ebx, | |
146 | unsigned int *ecx, unsigned int *edx) | |
147 | { | |
148 | /* ecx is often an input as well as an output. */ | |
149 | asm volatile( | |
150 | "cpuid;" | |
151 | : "=a" (*eax), | |
152 | "=b" (*ebx), | |
153 | "=c" (*ecx), | |
154 | "=d" (*edx) | |
155 | : "0" (*eax), "2" (*ecx)); | |
156 | } | |
157 | ||
158 | /* Intel-defined CPU features, CPUID level 0x00000007:0 (ecx) */ | |
159 | #define X86_FEATURE_PKU (1<<3) /* Protection Keys for Userspace */ | |
160 | #define X86_FEATURE_OSPKE (1<<4) /* OS Protection Keys Enable */ | |
161 | ||
162 | static inline int cpu_has_pku(void) | |
163 | { | |
164 | unsigned int eax; | |
165 | unsigned int ebx; | |
166 | unsigned int ecx; | |
167 | unsigned int edx; | |
168 | ||
169 | eax = 0x7; | |
170 | ecx = 0x0; | |
171 | __cpuid(&eax, &ebx, &ecx, &edx); | |
172 | ||
173 | if (!(ecx & X86_FEATURE_PKU)) { | |
174 | dprintf2("cpu does not have PKU\n"); | |
175 | return 0; | |
176 | } | |
177 | if (!(ecx & X86_FEATURE_OSPKE)) { | |
178 | dprintf2("cpu does not have OSPKE\n"); | |
179 | return 0; | |
180 | } | |
181 | return 1; | |
182 | } | |
183 | ||
184 | #define XSTATE_PKRU_BIT (9) | |
185 | #define XSTATE_PKRU 0x200 | |
186 | ||
187 | int pkru_xstate_offset(void) | |
188 | { | |
189 | unsigned int eax; | |
190 | unsigned int ebx; | |
191 | unsigned int ecx; | |
192 | unsigned int edx; | |
193 | int xstate_offset; | |
194 | int xstate_size; | |
195 | unsigned long XSTATE_CPUID = 0xd; | |
196 | int leaf; | |
197 | ||
198 | /* assume that XSTATE_PKRU is set in XCR0 */ | |
199 | leaf = XSTATE_PKRU_BIT; | |
200 | { | |
201 | eax = XSTATE_CPUID; | |
202 | ecx = leaf; | |
203 | __cpuid(&eax, &ebx, &ecx, &edx); | |
204 | ||
205 | if (leaf == XSTATE_PKRU_BIT) { | |
206 | xstate_offset = ebx; | |
207 | xstate_size = eax; | |
208 | } | |
209 | } | |
210 | ||
211 | if (xstate_size == 0) { | |
212 | printf("could not find size/offset of PKRU in xsave state\n"); | |
213 | return 0; | |
214 | } | |
215 | ||
216 | return xstate_offset; | |
217 | } | |
218 | ||
219 | #endif /* _PKEYS_HELPER_H */ |