1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _ASM_POWERPC_BOOK3S_32_KUP_H
3 #define _ASM_POWERPC_BOOK3S_32_KUP_H
6 #include <asm/book3s/32/mmu-hash.h>
10 #include <linux/jump_label.h>
12 extern struct static_key_false disable_kuap_key;
13 extern struct static_key_false disable_kuep_key;
15 static __always_inline bool kuap_is_disabled(void)
17 return !IS_ENABLED(CONFIG_PPC_KUAP) || static_branch_unlikely(&disable_kuap_key);
20 static __always_inline bool kuep_is_disabled(void)
22 return !IS_ENABLED(CONFIG_PPC_KUEP) || static_branch_unlikely(&disable_kuep_key);
25 static inline void kuep_lock(void)
27 if (kuep_is_disabled())
30 update_user_segments(mfsr(0) | SR_NX);
33 static inline void kuep_unlock(void)
35 if (kuep_is_disabled())
38 update_user_segments(mfsr(0) & ~SR_NX);
41 #ifdef CONFIG_PPC_KUAP
43 #include <linux/sched.h>
45 #define KUAP_NONE (~0UL)
46 #define KUAP_ALL (~1UL)
48 static inline void kuap_lock_one(unsigned long addr)
50 mtsr(mfsr(addr) | SR_KS, addr);
51 isync(); /* Context sync required after mtsr() */
54 static inline void kuap_unlock_one(unsigned long addr)
56 mtsr(mfsr(addr) & ~SR_KS, addr);
57 isync(); /* Context sync required after mtsr() */
60 static inline void kuap_lock_all(void)
62 update_user_segments(mfsr(0) | SR_KS);
63 isync(); /* Context sync required after mtsr() */
66 static inline void kuap_unlock_all(void)
68 update_user_segments(mfsr(0) & ~SR_KS);
69 isync(); /* Context sync required after mtsr() */
72 void kuap_lock_all_ool(void);
73 void kuap_unlock_all_ool(void);
75 static inline void kuap_lock(unsigned long addr, bool ool)
77 if (likely(addr != KUAP_ALL))
85 static inline void kuap_unlock(unsigned long addr, bool ool)
87 if (likely(addr != KUAP_ALL))
88 kuap_unlock_one(addr);
92 kuap_unlock_all_ool();
95 static inline void kuap_save_and_lock(struct pt_regs *regs)
97 unsigned long kuap = current->thread.kuap;
99 if (kuap_is_disabled())
103 if (unlikely(kuap == KUAP_NONE))
106 current->thread.kuap = KUAP_NONE;
107 kuap_lock(kuap, false);
110 static inline void kuap_user_restore(struct pt_regs *regs)
114 static inline void kuap_kernel_restore(struct pt_regs *regs, unsigned long kuap)
116 if (kuap_is_disabled())
119 current->thread.kuap = regs->kuap;
121 kuap_unlock(regs->kuap, false);
124 static inline unsigned long kuap_get_and_assert_locked(void)
126 unsigned long kuap = current->thread.kuap;
128 if (kuap_is_disabled())
131 WARN_ON_ONCE(IS_ENABLED(CONFIG_PPC_KUAP_DEBUG) && kuap != KUAP_NONE);
136 static inline void kuap_assert_locked(void)
138 kuap_get_and_assert_locked();
141 static __always_inline void allow_user_access(void __user *to, const void __user *from,
142 u32 size, unsigned long dir)
144 if (kuap_is_disabled())
147 BUILD_BUG_ON(!__builtin_constant_p(dir));
149 if (!(dir & KUAP_WRITE))
152 current->thread.kuap = (__force u32)to;
153 kuap_unlock_one((__force u32)to);
156 static __always_inline void prevent_user_access(unsigned long dir)
158 u32 kuap = current->thread.kuap;
160 if (kuap_is_disabled())
163 BUILD_BUG_ON(!__builtin_constant_p(dir));
165 if (!(dir & KUAP_WRITE))
168 current->thread.kuap = KUAP_NONE;
169 kuap_lock(kuap, true);
172 static inline unsigned long prevent_user_access_return(void)
174 unsigned long flags = current->thread.kuap;
176 if (kuap_is_disabled())
179 if (flags != KUAP_NONE) {
180 current->thread.kuap = KUAP_NONE;
181 kuap_lock(flags, true);
187 static inline void restore_user_access(unsigned long flags)
189 if (kuap_is_disabled())
192 if (flags != KUAP_NONE) {
193 current->thread.kuap = flags;
194 kuap_unlock(flags, true);
199 bad_kuap_fault(struct pt_regs *regs, unsigned long address, bool is_write)
201 unsigned long kuap = regs->kuap;
203 if (kuap_is_disabled())
206 if (!is_write || kuap == KUAP_ALL)
208 if (kuap == KUAP_NONE)
211 /* If faulting address doesn't match unlocked segment, unlock all */
212 if ((kuap ^ address) & 0xf0000000)
213 regs->kuap = KUAP_ALL;
218 #endif /* CONFIG_PPC_KUAP */
220 #endif /* __ASSEMBLY__ */
222 #endif /* _ASM_POWERPC_BOOK3S_32_KUP_H */