[PATCH 09/12] x86, pkeys: notify userspace about protection key faults

From: Dave Hansen
Date: Thu May 07 2015 - 13:44:52 EST

Next message: Dave Hansen: "[PATCH 07/12] mm: Pass the 4-bit protection key in via PROT_ bits to syscalls"
Previous message: Dave Hansen: "[PATCH 01/12] x86, pkeys: cpuid bit definition"
In reply to: Dave Hansen: "[PATCH 01/12] x86, pkeys: cpuid bit definition"
Next in thread: Dave Hansen: "[PATCH 07/12] mm: Pass the 4-bit protection key in via PROT_ bits to syscalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

A protection key fault is very similar to any other access
error. There must be a VMA, etc... We even want to take
the same action (SIGSEGV) that we do with a normal access
fault.

However, we do need to let userspace know that something
is different. We do this the same way what we did with
SEGV_BNDERR with Memory Protection eXtensions (MPX):
define a new SEGV code: SEGV_PKUERR.

We will, at some point need to allow userspace a way to
figure out which protection key coveres the address that
we faulted on. We can either do that with a separate
interface, or we could pass it up in the siginfo like
MPX did.

Suggestions welcome. :)

---

b/arch/x86/mm/fault.c | 5 ++++-
b/include/uapi/asm-generic/siginfo.h | 10 +++++++++-
2 files changed, 13 insertions(+), 2 deletions(-)

diff -puN arch/x86/mm/fault.c~pkeys-13-siginfo arch/x86/mm/fault.c
--- a/arch/x86/mm/fault.c~pkeys-13-siginfo 2015-05-07 10:31:44.169312893 -0700
+++ b/arch/x86/mm/fault.c 2015-05-07 10:31:44.174313118 -0700
@@ -838,7 +838,10 @@ static noinline void
bad_area_access_error(struct pt_regs *regs, unsigned long error_code,
unsigned long address)
{
- __bad_area(regs, error_code, address, SEGV_ACCERR);
+ if (error_code & PF_PK)
+ __bad_area(regs, error_code, address, SEGV_PKUERR);
+ else
+ __bad_area(regs, error_code, address, SEGV_ACCERR);
}

static void
diff -puN include/uapi/asm-generic/siginfo.h~pkeys-13-siginfo include/uapi/asm-generic/siginfo.h
--- a/include/uapi/asm-generic/siginfo.h~pkeys-13-siginfo 2015-05-07 10:31:44.170312938 -0700
+++ b/include/uapi/asm-generic/siginfo.h 2015-05-07 10:31:44.174313118 -0700
@@ -95,6 +95,13 @@ typedef struct siginfo {
void __user *_lower;
void __user *_upper;
} _addr_bnd;
+ int protection_key; /* FIXME: protection key value??
+ * Do we really need this in here?
+ * userspace can get the PKRU value in
+ * the signal handler, but they do not
+ * easily have access to the PKEY value
+ * from the PTE.
+ */
} _sigfault;

/* SIGPOLL */
@@ -206,7 +213,8 @@ typedef struct siginfo {
#define SEGV_MAPERR (__SI_FAULT|1) /* address not mapped to object */
#define SEGV_ACCERR (__SI_FAULT|2) /* invalid permissions for mapped object */
#define SEGV_BNDERR (__SI_FAULT|3) /* failed address bound checks */
-#define NSIGSEGV 3
+#define SEGV_PKUERR (__SI_FAULT|4) /* failed address bound checks */
+#define NSIGSEGV 4

/*
* SIGBUS si_codes
_
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dave Hansen: "[PATCH 07/12] mm: Pass the 4-bit protection key in via PROT_ bits to syscalls"
Previous message: Dave Hansen: "[PATCH 01/12] x86, pkeys: cpuid bit definition"
In reply to: Dave Hansen: "[PATCH 01/12] x86, pkeys: cpuid bit definition"
Next in thread: Dave Hansen: "[PATCH 07/12] mm: Pass the 4-bit protection key in via PROT_ bits to syscalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]