tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Copyright (c) 2014, The Linux Foundation. All rights reserved.
4 */
5#include <linux/kernel.h>
6#include <linux/mm.h>
7#include <linux/module.h>
8#include <linux/sched.h>
9#include <linux/vmalloc.h>
10
11#include <asm/cacheflush.h>
12#include <asm/set_memory.h>
13#include <asm/tlbflush.h>
14
15struct page_change_data {
16 pgprot_t set_mask;
17 pgprot_t clear_mask;
18};
19
20bool rodata_full __ro_after_init = IS_ENABLED(CONFIG_RODATA_FULL_DEFAULT_ENABLED);
21
22bool can_set_direct_map(void)
23{
24 /*
25 * rodata_full, DEBUG_PAGEALLOC and KFENCE require linear map to be
26 * mapped at page granularity, so that it is possible to
27 * protect/unprotect single pages.
28 */
29 return (rodata_enabled && rodata_full) || debug_pagealloc_enabled() ||
30 IS_ENABLED(CONFIG_KFENCE);
31}
32
33static int change_page_range(pte_t *ptep, unsigned long addr, void *data)
34{
35 struct page_change_data *cdata = data;
36 pte_t pte = READ_ONCE(*ptep);
37
38 pte = clear_pte_bit(pte, cdata->clear_mask);
39 pte = set_pte_bit(pte, cdata->set_mask);
40
41 set_pte(ptep, pte);
42 return 0;
43}
44
45/*
46 * This function assumes that the range is mapped with PAGE_SIZE pages.
47 */
48static int __change_memory_common(unsigned long start, unsigned long size,
49 pgprot_t set_mask, pgprot_t clear_mask)
50{
51 struct page_change_data data;
52 int ret;
53
54 data.set_mask = set_mask;
55 data.clear_mask = clear_mask;
56
57 ret = apply_to_page_range(&init_mm, start, size, change_page_range,
58 &data);
59
60 flush_tlb_kernel_range(start, start + size);
61 return ret;
62}
63
64static int change_memory_common(unsigned long addr, int numpages,
65 pgprot_t set_mask, pgprot_t clear_mask)
66{
67 unsigned long start = addr;
68 unsigned long size = PAGE_SIZE * numpages;
69 unsigned long end = start + size;
70 struct vm_struct *area;
71 int i;
72
73 if (!PAGE_ALIGNED(addr)) {
74 start &= PAGE_MASK;
75 end = start + size;
76 WARN_ON_ONCE(1);
77 }
78
79 /*
80 * Kernel VA mappings are always live, and splitting live section
81 * mappings into page mappings may cause TLB conflicts. This means
82 * we have to ensure that changing the permission bits of the range
83 * we are operating on does not result in such splitting.
84 *
85 * Let's restrict ourselves to mappings created by vmalloc (or vmap).
86 * Those are guaranteed to consist entirely of page mappings, and
87 * splitting is never needed.
88 *
89 * So check whether the [addr, addr + size) interval is entirely
90 * covered by precisely one VM area that has the VM_ALLOC flag set.
91 */
92 area = find_vm_area((void *)addr);
93 if (!area ||
94 end > (unsigned long)kasan_reset_tag(area->addr) + area->size ||
95 !(area->flags & VM_ALLOC))
96 return -EINVAL;
97
98 if (!numpages)
99 return 0;
100
101 /*
102 * If we are manipulating read-only permissions, apply the same
103 * change to the linear mapping of the pages that back this VM area.
104 */
105 if (rodata_enabled &&
106 rodata_full && (pgprot_val(set_mask) == PTE_RDONLY ||
107 pgprot_val(clear_mask) == PTE_RDONLY)) {
108 for (i = 0; i < area->nr_pages; i++) {
109 __change_memory_common((u64)page_address(area->pages[i]),
110 PAGE_SIZE, set_mask, clear_mask);
111 }
112 }
113
114 /*
115 * Get rid of potentially aliasing lazily unmapped vm areas that may
116 * have permissions set that deviate from the ones we are setting here.
117 */
118 vm_unmap_aliases();
119
120 return __change_memory_common(start, size, set_mask, clear_mask);
121}
122
123int set_memory_ro(unsigned long addr, int numpages)
124{
125 return change_memory_common(addr, numpages,
126 __pgprot(PTE_RDONLY),
127 __pgprot(PTE_WRITE));
128}
129
130int set_memory_rw(unsigned long addr, int numpages)
131{
132 return change_memory_common(addr, numpages,
133 __pgprot(PTE_WRITE),
134 __pgprot(PTE_RDONLY));
135}
136
137int set_memory_nx(unsigned long addr, int numpages)
138{
139 return change_memory_common(addr, numpages,
140 __pgprot(PTE_PXN),
141 __pgprot(PTE_MAYBE_GP));
142}
143
144int set_memory_x(unsigned long addr, int numpages)
145{
146 return change_memory_common(addr, numpages,
147 __pgprot(PTE_MAYBE_GP),
148 __pgprot(PTE_PXN));
149}
150
151int set_memory_valid(unsigned long addr, int numpages, int enable)
152{
153 if (enable)
154 return __change_memory_common(addr, PAGE_SIZE * numpages,
155 __pgprot(PTE_VALID),
156 __pgprot(0));
157 else
158 return __change_memory_common(addr, PAGE_SIZE * numpages,
159 __pgprot(0),
160 __pgprot(PTE_VALID));
161}
162
163int set_direct_map_invalid_noflush(struct page *page)
164{
165 struct page_change_data data = {
166 .set_mask = __pgprot(0),
167 .clear_mask = __pgprot(PTE_VALID),
168 };
169
170 if (!can_set_direct_map())
171 return 0;
172
173 return apply_to_page_range(&init_mm,
174 (unsigned long)page_address(page),
175 PAGE_SIZE, change_page_range, &data);
176}
177
178int set_direct_map_default_noflush(struct page *page)
179{
180 struct page_change_data data = {
181 .set_mask = __pgprot(PTE_VALID | PTE_WRITE),
182 .clear_mask = __pgprot(PTE_RDONLY),
183 };
184
185 if (!can_set_direct_map())
186 return 0;
187
188 return apply_to_page_range(&init_mm,
189 (unsigned long)page_address(page),
190 PAGE_SIZE, change_page_range, &data);
191}
192
193#ifdef CONFIG_DEBUG_PAGEALLOC
194void __kernel_map_pages(struct page *page, int numpages, int enable)
195{
196 if (!can_set_direct_map())
197 return;
198
199 set_memory_valid((unsigned long)page_address(page), numpages, enable);
200}
201#endif /* CONFIG_DEBUG_PAGEALLOC */
202
203/*
204 * This function is used to determine if a linear map page has been marked as
205 * not-valid. Walk the page table and check the PTE_VALID bit. This is based
206 * on kern_addr_valid(), which almost does what we need.
207 *
208 * Because this is only called on the kernel linear map, p?d_sect() implies
209 * p?d_present(). When debug_pagealloc is enabled, sections mappings are
210 * disabled.
211 */
212bool kernel_page_present(struct page *page)
213{
214 pgd_t *pgdp;
215 p4d_t *p4dp;
216 pud_t *pudp, pud;
217 pmd_t *pmdp, pmd;
218 pte_t *ptep;
219 unsigned long addr = (unsigned long)page_address(page);
220
221 if (!can_set_direct_map())
222 return true;
223
224 pgdp = pgd_offset_k(addr);
225 if (pgd_none(READ_ONCE(*pgdp)))
226 return false;
227
228 p4dp = p4d_offset(pgdp, addr);
229 if (p4d_none(READ_ONCE(*p4dp)))
230 return false;
231
232 pudp = pud_offset(p4dp, addr);
233 pud = READ_ONCE(*pudp);
234 if (pud_none(pud))
235 return false;
236 if (pud_sect(pud))
237 return true;
238
239 pmdp = pmd_offset(pudp, addr);
240 pmd = READ_ONCE(*pmdp);
241 if (pmd_none(pmd))
242 return false;
243 if (pmd_sect(pmd))
244 return true;
245
246 ptep = pte_offset_kernel(pmdp, addr);
247 return pte_valid(READ_ONCE(*ptep));
248}