diff options
| author | Christophe Leroy <christophe.leroy@c-s.fr> | 2019-03-11 11:30:34 +0300 |
|---|---|---|
| committer | Michael Ellerman <mpe@ellerman.id.au> | 2019-04-21 16:11:46 +0300 |
| commit | 2679f9bd0abafb3044bcbaac0600b32159ac8bf2 (patch) | |
| tree | 77543dc9837adb96bd9bd4ee3465015a47c08029 /arch/powerpc/mm | |
| parent | 06fbe81b5909847aa13f9c86c2b6f9bbc5c2795b (diff) | |
| download | linux-2679f9bd0abafb3044bcbaac0600b32159ac8bf2.tar.xz | |
powerpc/8xx: Add Kernel Userspace Access Protection
This patch adds Kernel Userspace Access Protection on the 8xx.
When a page is RO or RW, it is set RO or RW for Key 0 and NA
for Key 1.
Up to now, the User group is defined with Key 0 for both User and
Supervisor.
By changing the group to Key 0 for User and Key 1 for Supervisor,
this patch prevents the Kernel from being able to access user data.
At exception entry, the kernel saves SPRN_MD_AP in the regs struct,
and reapply the protection. At exception exit it restores SPRN_MD_AP
with the value saved on exception entry.
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
[mpe: Drop allow_read/write_to/from_user() as they're now in kup.h]
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Diffstat (limited to 'arch/powerpc/mm')
| -rw-r--r-- | arch/powerpc/mm/8xx_mmu.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/arch/powerpc/mm/8xx_mmu.c b/arch/powerpc/mm/8xx_mmu.c index e257a0c9bd08..87648b58d295 100644 --- a/arch/powerpc/mm/8xx_mmu.c +++ b/arch/powerpc/mm/8xx_mmu.c @@ -225,3 +225,15 @@ void __init setup_kuep(bool disabled) mtspr(SPRN_MI_AP, MI_APG_KUEP); } #endif + +#ifdef CONFIG_PPC_KUAP +void __init setup_kuap(bool disabled) +{ + pr_info("Activating Kernel Userspace Access Protection\n"); + + if (disabled) + pr_warn("KUAP cannot be disabled yet on 8xx when compiled in\n"); + + mtspr(SPRN_MD_AP, MD_APG_KUAP); +} +#endif |