Commit 264d7fcc authored by Sandipan Das's avatar Sandipan Das Committed by Michael Ellerman

selftests/powerpc: Add pkey helpers for rights

This adds some new pkey-related helper to print
access rights of a pkey in the "rwx" format and
to generate different valid combinations of pkey
rights starting from a given combination.
Signed-off-by: default avatarSandipan Das <sandipan@linux.ibm.com>
Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/6cc1c7d1f686618668a3e090f1d0c2a4cd9dea3f.1595821792.git.sandipan@linux.ibm.com
parent 128d3d02
...@@ -105,4 +105,32 @@ int siginfo_pkey(siginfo_t *si) ...@@ -105,4 +105,32 @@ int siginfo_pkey(siginfo_t *si)
#endif #endif
} }
#define pkey_rights(r) ({ \
static char buf[4] = "rwx"; \
unsigned int amr_bits; \
if ((r) & PKEY_DISABLE_EXECUTE) \
buf[2] = '-'; \
amr_bits = (r) & PKEY_BITS_MASK; \
if (amr_bits & PKEY_DISABLE_WRITE) \
buf[1] = '-'; \
if (amr_bits & PKEY_DISABLE_ACCESS & ~PKEY_DISABLE_WRITE) \
buf[0] = '-'; \
buf; \
})
unsigned long next_pkey_rights(unsigned long rights)
{
if (rights == PKEY_DISABLE_ACCESS)
return PKEY_DISABLE_EXECUTE;
else if (rights == (PKEY_DISABLE_ACCESS | PKEY_DISABLE_EXECUTE))
return 0;
if ((rights & PKEY_BITS_MASK) == 0)
rights |= PKEY_DISABLE_WRITE;
else if ((rights & PKEY_BITS_MASK) == PKEY_DISABLE_WRITE)
rights |= PKEY_DISABLE_ACCESS;
return rights;
}
#endif /* _SELFTESTS_POWERPC_PKEYS_H */ #endif /* _SELFTESTS_POWERPC_PKEYS_H */
...@@ -102,6 +102,7 @@ static void segv_handler(int signum, siginfo_t *sinfo, void *ctx) ...@@ -102,6 +102,7 @@ static void segv_handler(int signum, siginfo_t *sinfo, void *ctx)
static int test(void) static int test(void)
{ {
struct sigaction segv_act, trap_act; struct sigaction segv_act, trap_act;
unsigned long rights;
int pkey, ret, i; int pkey, ret, i;
ret = pkeys_unsupported(); ret = pkeys_unsupported();
...@@ -150,7 +151,8 @@ static int test(void) ...@@ -150,7 +151,8 @@ static int test(void)
insns[numinsns - 1] = PPC_INST_BLR; insns[numinsns - 1] = PPC_INST_BLR;
/* Allocate a pkey that restricts execution */ /* Allocate a pkey that restricts execution */
pkey = sys_pkey_alloc(0, PKEY_DISABLE_EXECUTE); rights = PKEY_DISABLE_EXECUTE;
pkey = sys_pkey_alloc(0, rights);
FAIL_IF(pkey < 0); FAIL_IF(pkey < 0);
/* /*
...@@ -175,8 +177,8 @@ static int test(void) ...@@ -175,8 +177,8 @@ static int test(void)
*/ */
remaining_faults = 0; remaining_faults = 0;
FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0); FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0);
printf("read from %p, pkey is execute-disabled, access-enabled\n", printf("read from %p, pkey permissions are %s\n", fault_addr,
(void *) fault_addr); pkey_rights(rights));
i = *fault_addr; i = *fault_addr;
FAIL_IF(remaining_faults != 0); FAIL_IF(remaining_faults != 0);
...@@ -192,12 +194,13 @@ static int test(void) ...@@ -192,12 +194,13 @@ static int test(void)
*/ */
remaining_faults = 1; remaining_faults = 1;
FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0); FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0);
printf("write to %p, pkey is execute-disabled, access-enabled\n", printf("write to %p, pkey permissions are %s\n", fault_addr,
(void *) fault_addr); pkey_rights(rights));
*fault_addr = PPC_INST_TRAP; *fault_addr = PPC_INST_TRAP;
FAIL_IF(remaining_faults != 0 || fault_code != SEGV_ACCERR); FAIL_IF(remaining_faults != 0 || fault_code != SEGV_ACCERR);
/* The following three cases will generate SEGV_PKUERR */ /* The following three cases will generate SEGV_PKUERR */
rights |= PKEY_DISABLE_ACCESS;
fault_type = PKEY_DISABLE_ACCESS; fault_type = PKEY_DISABLE_ACCESS;
fault_pkey = pkey; fault_pkey = pkey;
...@@ -211,9 +214,9 @@ static int test(void) ...@@ -211,9 +214,9 @@ static int test(void)
*/ */
remaining_faults = 1; remaining_faults = 1;
FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0); FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0);
printf("read from %p, pkey is execute-disabled, access-disabled\n", pkey_set_rights(pkey, rights);
(void *) fault_addr); printf("read from %p, pkey permissions are %s\n", fault_addr,
pkey_set_rights(pkey, PKEY_DISABLE_ACCESS); pkey_rights(rights));
i = *fault_addr; i = *fault_addr;
FAIL_IF(remaining_faults != 0 || fault_code != SEGV_PKUERR); FAIL_IF(remaining_faults != 0 || fault_code != SEGV_PKUERR);
...@@ -228,9 +231,9 @@ static int test(void) ...@@ -228,9 +231,9 @@ static int test(void)
*/ */
remaining_faults = 2; remaining_faults = 2;
FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0); FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0);
printf("write to %p, pkey is execute-disabled, access-disabled\n", pkey_set_rights(pkey, rights);
(void *) fault_addr); printf("write to %p, pkey permissions are %s\n", fault_addr,
pkey_set_rights(pkey, PKEY_DISABLE_ACCESS); pkey_rights(rights));
*fault_addr = PPC_INST_NOP; *fault_addr = PPC_INST_NOP;
FAIL_IF(remaining_faults != 0 || fault_code != SEGV_ACCERR); FAIL_IF(remaining_faults != 0 || fault_code != SEGV_ACCERR);
...@@ -251,8 +254,8 @@ static int test(void) ...@@ -251,8 +254,8 @@ static int test(void)
remaining_faults = 1; remaining_faults = 1;
FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0); FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0);
pkey_set_rights(pkey, PKEY_DISABLE_ACCESS); pkey_set_rights(pkey, PKEY_DISABLE_ACCESS);
printf("execute at %p, pkey is execute-disabled, access-disabled\n", printf("execute at %p, pkey permissions are %s\n", fault_addr,
(void *) fault_addr); pkey_rights(rights));
asm volatile("mtctr %0; bctrl" : : "r"(insns)); asm volatile("mtctr %0; bctrl" : : "r"(insns));
FAIL_IF(remaining_faults != 0 || fault_code != SEGV_PKUERR); FAIL_IF(remaining_faults != 0 || fault_code != SEGV_PKUERR);
...@@ -261,7 +264,8 @@ static int test(void) ...@@ -261,7 +264,8 @@ static int test(void)
* fully permissive. * fully permissive.
*/ */
sys_pkey_free(pkey); sys_pkey_free(pkey);
pkey = sys_pkey_alloc(0, 0); rights = 0;
pkey = sys_pkey_alloc(0, rights);
/* /*
* Jump to the executable region when AMR bits are not set * Jump to the executable region when AMR bits are not set
...@@ -274,8 +278,8 @@ static int test(void) ...@@ -274,8 +278,8 @@ static int test(void)
fault_pkey = pkey; fault_pkey = pkey;
remaining_faults = 0; remaining_faults = 0;
FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0); FAIL_IF(sys_pkey_mprotect(insns, pgsize, PROT_EXEC, pkey) != 0);
printf("execute at %p, pkey is execute-enabled, access-enabled\n", printf("execute at %p, pkey permissions are %s\n", fault_addr,
(void *) fault_addr); pkey_rights(rights));
asm volatile("mtctr %0; bctrl" : : "r"(insns)); asm volatile("mtctr %0; bctrl" : : "r"(insns));
FAIL_IF(remaining_faults != 0); FAIL_IF(remaining_faults != 0);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment