/* SPDX-License-Identifier: GPL-2.0 */
#ifndef _ASM_POWERPC_BOOK3S_32_KUP_H
#define _ASM_POWERPC_BOOK3S_32_KUP_H

/*
 * Kernel Userspace Access Protection (KUAP) helpers for Book3S/32.
 *
 * The protection state lives in the Ks bit of the segment register that
 * covers a user address: kuap_lock_one()/uaccess_end_32s() set the bit,
 * kuap_unlock_one()/uaccess_begin_32s() clear it.  current->thread.kuap
 * records the address whose segment is currently open, or KUAP_NONE.
 *
 * Only the write direction is gated in this file: allow_user_access() and
 * prevent_user_access() return early unless KUAP_WRITE is requested, and
 * __bad_kuap_fault() never reports a read fault as bad.  Do not rely on
 * these helpers to stop kernel reads of user memory.
 */

#include <asm/bug.h>
#include <asm/book3s/32/mmu-hash.h>
#include <asm/mmu.h>
#include <asm/synch.h>

#ifndef __ASSEMBLY__

#ifdef CONFIG_PPC_KUAP

#include <linux/sched.h>

/* Value of thread.kuap / regs->kuap meaning "no user segment is open". */
#define KUAP_NONE	(~0UL)

/* Close the window: set Ks in the segment register selected by @addr. */
static __always_inline void kuap_lock_one(unsigned long addr)
{
	unsigned long sr = mfsr(addr) | SR_KS;

	mtsr(sr, addr);
	isync();	/* mtsr() has to be followed by a context sync */
}

/* Open the window: clear Ks in the segment register selected by @addr. */
static __always_inline void kuap_unlock_one(unsigned long addr)
{
	unsigned long sr = mfsr(addr) & ~SR_KS;

	mtsr(sr, addr);
	isync();	/* mtsr() has to be followed by a context sync */
}

/*
 * Clear Ks for the segment holding @addr.
 *
 * The instructions sit in an MMU feature section keyed on MMU_FTR_KUAP whose
 * alternative is empty, so nothing is executed when the feature is not set.
 * rlwinm with the ~SR_KS mask drops the Ks bit; the "memory" clobber stops
 * the compiler from moving memory accesses across the switch.
 */
static __always_inline void uaccess_begin_32s(unsigned long addr)
{
	unsigned long sr;

	asm volatile(ASM_MMU_FTR_IFSET(
		"mfsrin %0, %1;"
		"rlwinm %0, %0, 0, %2;"
		"mtsrin %0, %1;"
		"isync", "", %3)
		: "=&r"(sr)
		: "r"(addr), "i"(~SR_KS), "i"(MMU_FTR_KUAP)
		: "memory");
}

/*
 * Set Ks again for the segment holding @addr; the counterpart of
 * uaccess_begin_32s().  oris with SR_KS >> 16 ORs the bit into the upper
 * halfword of the segment register value.
 */
static __always_inline void uaccess_end_32s(unsigned long addr)
{
	unsigned long sr;

	asm volatile(ASM_MMU_FTR_IFSET(
		"mfsrin %0, %1;"
		"oris %0, %0, %2;"
		"mtsrin %0, %1;"
		"isync", "", %3)
		: "=&r"(sr)
		: "r"(addr), "i"(SR_KS >> 16), "i"(MMU_FTR_KUAP)
		: "memory");
}

/*
 * Record the current window in @regs and close it.
 *
 * thread.kuap is copied to regs->kuap unconditionally.  If a segment was
 * open, thread.kuap is reset to KUAP_NONE first and the segment is locked
 * afterwards, so code running after this point does not inherit the window.
 */
static __always_inline void __kuap_save_and_lock(struct pt_regs *regs)
{
	unsigned long open_addr = current->thread.kuap;

	regs->kuap = open_addr;
	if (likely(open_addr != KUAP_NONE)) {
		current->thread.kuap = KUAP_NONE;
		kuap_lock_one(open_addr);
	}
}
/* Self-define; presumably lets generic code test for this helper with #ifdef. */
#define __kuap_save_and_lock __kuap_save_and_lock

/* Nothing is restored here for a return to user mode. */
static __always_inline void kuap_user_restore(struct pt_regs *regs)
{
}

/*
 * Put back the window saved in @regs.
 *
 * @kuap is the state in force right now: if it names an open segment, that
 * segment is locked before anything is restored.  The saved window is then
 * reopened only when regs->kuap is not KUAP_NONE.
 */
static __always_inline void __kuap_kernel_restore(struct pt_regs *regs, unsigned long kuap)
{
	if (unlikely(kuap != KUAP_NONE)) {
		current->thread.kuap = KUAP_NONE;
		kuap_lock_one(kuap);
	}

	if (unlikely(regs->kuap != KUAP_NONE)) {
		current->thread.kuap = regs->kuap;
		kuap_unlock_one(regs->kuap);
	}
}

/*
 * Return thread.kuap.  With CONFIG_PPC_KUAP_DEBUG enabled, warn once if a
 * segment is still open at this point.
 */
static __always_inline unsigned long __kuap_get_and_assert_locked(void)
{
	unsigned long state = current->thread.kuap;

	WARN_ON_ONCE(IS_ENABLED(CONFIG_PPC_KUAP_DEBUG) && state != KUAP_NONE);

	return state;
}
/* Self-define; presumably lets generic code test for this helper with #ifdef. */
#define __kuap_get_and_assert_locked __kuap_get_and_assert_locked

/*
 * Open the segment containing @to for kernel writes.
 *
 * @dir must be a compile-time constant.  Nothing happens unless it includes
 * KUAP_WRITE.  @from and @size are not used: exactly one segment, the one
 * holding @to, is opened, and a write that runs into another segment is left
 * to fault (see __bad_kuap_fault()).
 */
static __always_inline void allow_user_access(void __user *to, const void __user *from,
					      u32 size, unsigned long dir)
{
	BUILD_BUG_ON(!__builtin_constant_p(dir));

	if (dir & KUAP_WRITE) {
		u32 dst = (__force u32)to;

		/* Publish the window in thread.kuap before it is opened. */
		current->thread.kuap = dst;
		uaccess_begin_32s(dst);
	}
}

/*
 * Close the window recorded in thread.kuap.
 *
 * @dir must be a compile-time constant; the call is a no-op unless it
 * includes KUAP_WRITE.
 */
static __always_inline void prevent_user_access(unsigned long dir)
{
	u32 open_addr = current->thread.kuap;

	BUILD_BUG_ON(!__builtin_constant_p(dir));

	if (dir & KUAP_WRITE) {
		current->thread.kuap = KUAP_NONE;
		uaccess_end_32s(open_addr);
	}
}

/*
 * Close the window if one is open and return the previous thread.kuap value
 * so it can be handed to restore_user_access() later.
 */
static __always_inline unsigned long prevent_user_access_return(void)
{
	unsigned long flags = current->thread.kuap;

	if (flags == KUAP_NONE)
		return flags;

	current->thread.kuap = KUAP_NONE;
	uaccess_end_32s(flags);

	return flags;
}

/*
 * Reopen the window described by @flags, a value previously returned by
 * prevent_user_access_return().  KUAP_NONE means there is nothing to reopen.
 */
static __always_inline void restore_user_access(unsigned long flags)
{
	if (flags == KUAP_NONE)
		return;

	current->thread.kuap = flags;
	uaccess_begin_32s(flags);
}

/*
 * Decide whether a kernel fault on @address is a KUAP violation.
 *
 * Returns true only for a write fault taken while regs->kuap is KUAP_NONE,
 * i.e. a write attempted with no window open.  Read faults always return
 * false.
 *
 * NOTE(review): @address is not range-checked here before it may be stored
 * in regs->kuap; presumably the caller has already rejected kernel
 * addresses - confirm.
 */
static __always_inline bool
__bad_kuap_fault(struct pt_regs *regs, unsigned long address, bool is_write)
{
	unsigned long open_addr = regs->kuap;

	if (!is_write)
		return false;
	if (open_addr == KUAP_NONE)
		return true;

	/* The fault lies in the segment that is already open: nothing to adjust. */
	if (!((open_addr ^ address) & 0xf0000000))
		return false;

	/*
	 * The faulting address is in a different segment from the open one.
	 * Normally the window is moved to the faulting address.  The exception
	 * is an unaligned store crossing two segments: when the recorded
	 * address is segment-aligned and the fault is above open_addr - 4, the
	 * store is emulated and the instruction is skipped.
	 *
	 * NOTE(review): the fix_alignment() result is used as a plain boolean;
	 * confirm it cannot return a non-zero error value, since that would
	 * skip an instruction that was never emulated.
	 */
	if (!(open_addr & 0x0fffffff) && address > open_addr - 4 && fix_alignment(regs)) {
		regs_add_return_ip(regs, 4);
		emulate_single_step(regs);
	} else {
		regs->kuap = address;
	}

	return false;
}

#endif /* CONFIG_PPC_KUAP */

#endif /* __ASSEMBLY__ */

#endif /* _ASM_POWERPC_BOOK3S_32_KUP_H */