Commit 5f23f6d0 authored by Dave Hansen's avatar Dave Hansen Committed by Thomas Gleixner
Browse files

x86/pkeys: Add self-tests 



This code should be a good demonstration of how to use the new
system calls as well as how to use protection keys in general.

This code shows how to:
1. Manipulate the Protection Keys Rights User (PKRU) register
2. Set a protection key on memory
3. Fetch and/or modify PKRU from the signal XSAVE state
4. Read the kernel-provided protection key in the siginfo
5. Set up an execute-only mapping

There are currently 13 tests:

  test_read_of_write_disabled_region
  test_read_of_access_disabled_region
  test_write_of_write_disabled_region
  test_write_of_access_disabled_region
  test_kernel_write_of_access_disabled_region
  test_kernel_write_of_write_disabled_region
  test_kernel_gup_of_access_disabled_region
  test_kernel_gup_write_to_write_disabled_region
  test_executing_on_unreadable_memory
  test_ptrace_of_child
  test_pkey_syscalls_on_non_allocated_pkey
  test_pkey_syscalls_bad_args
  test_pkey_alloc_exhaust

Each of the tests is run with plain memory (via mmap(MAP_ANON)),
transparent huge pages, and hugetlb.

Signed-off-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
Cc: linux-arch@vger.kernel.org
Cc: Dave Hansen <dave@sr71.net>
Cc: mgorman@techsingularity.net
Cc: arnd@arndb.de
Cc: linux-api@vger.kernel.org
Cc: shuahkh@osg.samsung.com
Cc: linux-mm@kvack.org
Cc: luto@kernel.org
Cc: akpm@linux-foundation.org
Cc: torvalds@linux-foundation.org
Link: http://lkml.kernel.org/r/20160729163024.FC5A0C2D@viggo.jf.intel.com


Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
parent 76de9937

tools/testing/selftests/x86/Makefile

+2 −1
Original line number Diff line number Diff line
@@ -5,7 +5,8 @@ include ../lib.mk 
.PHONY: all all_32 all_64 warn_32bit_failure clean



TARGETS_C_BOTHBITS := single_step_syscall sysret_ss_attrs syscall_nt ptrace_syscall test_mremap_vdso \

			check_initial_reg_state sigreturn ldt_gdt iopl mpx-mini-test

			check_initial_reg_state sigreturn ldt_gdt iopl \

			protection_keys

TARGETS_C_32BIT_ONLY := entry_from_vm86 syscall_arg_fault test_syscall_vdso unwind_vdso \

			test_FCMOV test_FCOMI test_FISTTP \

			vdso_restorer

tools/testing/selftests/x86/pkey-helpers.h

0 → 100644
+219 −0
Original line number Diff line number Diff line 
#ifndef _PKEYS_HELPER_H

#define _PKEYS_HELPER_H

#define _GNU_SOURCE

#include <string.h>

#include <stdarg.h>

#include <stdio.h>

#include <stdint.h>

#include <stdbool.h>

#include <signal.h>

#include <assert.h>

#include <stdlib.h>

#include <ucontext.h>

#include <sys/mman.h>



#define NR_PKEYS 16

#define PKRU_BITS_PER_PKEY 2



#ifndef DEBUG_LEVEL

#define DEBUG_LEVEL 0

#endif

#define DPRINT_IN_SIGNAL_BUF_SIZE 4096

extern int dprint_in_signal;

extern char dprint_in_signal_buffer[DPRINT_IN_SIGNAL_BUF_SIZE];

static inline void sigsafe_printf(const char *format, ...)

{

	va_list ap;



	va_start(ap, format);

	if (!dprint_in_signal) {

		vprintf(format, ap);

	} else {

		int len = vsnprintf(dprint_in_signal_buffer,

				    DPRINT_IN_SIGNAL_BUF_SIZE,

				    format, ap);

		/*

		 * len is amount that would have been printed,

		 * but actual write is truncated at BUF_SIZE.

		 */

		if (len > DPRINT_IN_SIGNAL_BUF_SIZE)

			len = DPRINT_IN_SIGNAL_BUF_SIZE;

		write(1, dprint_in_signal_buffer, len);

	}

	va_end(ap);

}

#define dprintf_level(level, args...) do {	\

	if (level <= DEBUG_LEVEL)		\

		sigsafe_printf(args);		\

	fflush(NULL);				\

} while (0)

#define dprintf0(args...) dprintf_level(0, args)

#define dprintf1(args...) dprintf_level(1, args)

#define dprintf2(args...) dprintf_level(2, args)

#define dprintf3(args...) dprintf_level(3, args)

#define dprintf4(args...) dprintf_level(4, args)



extern unsigned int shadow_pkru;

static inline unsigned int __rdpkru(void)

{

	unsigned int eax, edx;

	unsigned int ecx = 0;

	unsigned int pkru;



	asm volatile(".byte 0x0f,0x01,0xee\n\t"

		     : "=a" (eax), "=d" (edx)

		     : "c" (ecx));

	pkru = eax;

	return pkru;

}



static inline unsigned int _rdpkru(int line)

{

	unsigned int pkru = __rdpkru();



	dprintf4("rdpkru(line=%d) pkru: %x shadow: %x\n",

			line, pkru, shadow_pkru);

	assert(pkru == shadow_pkru);



	return pkru;

}



#define rdpkru() _rdpkru(__LINE__)



static inline void __wrpkru(unsigned int pkru)

{

	unsigned int eax = pkru;

	unsigned int ecx = 0;

	unsigned int edx = 0;



	dprintf4("%s() changing %08x to %08x\n", __func__, __rdpkru(), pkru);

	asm volatile(".byte 0x0f,0x01,0xef\n\t"

		     : : "a" (eax), "c" (ecx), "d" (edx));

	assert(pkru == __rdpkru());

}



static inline void wrpkru(unsigned int pkru)

{

	dprintf4("%s() changing %08x to %08x\n", __func__, __rdpkru(), pkru);

	/* will do the shadow check for us: */

	rdpkru();

	__wrpkru(pkru);

	shadow_pkru = pkru;

	dprintf4("%s(%08x) pkru: %08x\n", __func__, pkru, __rdpkru());

}



/*

 * These are technically racy. since something could

 * change PKRU between the read and the write.

 */

static inline void __pkey_access_allow(int pkey, int do_allow)

{

	unsigned int pkru = rdpkru();

	int bit = pkey * 2;



	if (do_allow)

		pkru &= (1<<bit);

	else

		pkru |= (1<<bit);



	dprintf4("pkru now: %08x\n", rdpkru());

	wrpkru(pkru);

}



static inline void __pkey_write_allow(int pkey, int do_allow_write)

{

	long pkru = rdpkru();

	int bit = pkey * 2 + 1;



	if (do_allow_write)

		pkru &= (1<<bit);

	else

		pkru |= (1<<bit);



	wrpkru(pkru);

	dprintf4("pkru now: %08x\n", rdpkru());

}



#define PROT_PKEY0     0x10            /* protection key value (bit 0) */

#define PROT_PKEY1     0x20            /* protection key value (bit 1) */

#define PROT_PKEY2     0x40            /* protection key value (bit 2) */

#define PROT_PKEY3     0x80            /* protection key value (bit 3) */



#define PAGE_SIZE 4096

#define MB	(1<<20)



static inline void __cpuid(unsigned int *eax, unsigned int *ebx,

		unsigned int *ecx, unsigned int *edx)

{

	/* ecx is often an input as well as an output. */

	asm volatile(

		"cpuid;"

		: "=a" (*eax),

		  "=b" (*ebx),

		  "=c" (*ecx),

		  "=d" (*edx)

		: "0" (*eax), "2" (*ecx));

}



/* Intel-defined CPU features, CPUID level 0x00000007:0 (ecx) */

#define X86_FEATURE_PKU        (1<<3) /* Protection Keys for Userspace */

#define X86_FEATURE_OSPKE      (1<<4) /* OS Protection Keys Enable */



static inline int cpu_has_pku(void)

{

	unsigned int eax;

	unsigned int ebx;

	unsigned int ecx;

	unsigned int edx;



	eax = 0x7;

	ecx = 0x0;

	__cpuid(&eax, &ebx, &ecx, &edx);



	if (!(ecx & X86_FEATURE_PKU)) {

		dprintf2("cpu does not have PKU\n");

		return 0;

	}

	if (!(ecx & X86_FEATURE_OSPKE)) {

		dprintf2("cpu does not have OSPKE\n");

		return 0;

	}

	return 1;

}



#define XSTATE_PKRU_BIT	(9)

#define XSTATE_PKRU	0x200



int pkru_xstate_offset(void)

{

	unsigned int eax;

	unsigned int ebx;

	unsigned int ecx;

	unsigned int edx;

	int xstate_offset;

	int xstate_size;

	unsigned long XSTATE_CPUID = 0xd;

	int leaf;



	/* assume that XSTATE_PKRU is set in XCR0 */

	leaf = XSTATE_PKRU_BIT;

	{

		eax = XSTATE_CPUID;

		ecx = leaf;

		__cpuid(&eax, &ebx, &ecx, &edx);



		if (leaf == XSTATE_PKRU_BIT) {

			xstate_offset = ebx;

			xstate_size = eax;

		}

	}



	if (xstate_size == 0) {

		printf("could not find size/offset of PKRU in xsave state\n");

		return 0;

	}



	return xstate_offset;

}



#endif /* _PKEYS_HELPER_H */

tools/testing/selftests/x86/protection_keys.c

0 → 100644
+1410 −0

File added.

Preview size limit exceeded, changes collapsed.

CRA Git | Maintained and supported by SUSTech CRA and CCSE