From patchwork Fri Jun 11 16:42:00 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Dave Hansen <dave.hansen@linux.intel.com>
X-Patchwork-Id: 12316177
Return-Path: <SRS0=QBBA=LF=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-13.8 required=3.0 tests=BAYES_00,
	HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_RED autolearn=ham
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id E6DF6C48BE5
	for <linux-mm@archiver.kernel.org>; Fri, 11 Jun 2021 16:42:06 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 8E4E0613BA
	for <linux-mm@archiver.kernel.org>; Fri, 11 Jun 2021 16:42:06 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 8E4E0613BA
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=none dis=none) header.from=linux.intel.com
Authentication-Results: mail.kernel.org;
 spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id DF1766B006E; Fri, 11 Jun 2021 12:42:05 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id D2B4A6B0070; Fri, 11 Jun 2021 12:42:05 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id BA2456B0072; Fri, 11 Jun 2021 12:42:05 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0110.hostedemail.com
 [216.40.44.110])
	by kanga.kvack.org (Postfix) with ESMTP id 8AEC86B006E
	for <linux-mm@kvack.org>; Fri, 11 Jun 2021 12:42:05 -0400 (EDT)
Received: from smtpin20.hostedemail.com (10.5.19.251.rfc1918.com
 [10.5.19.251])
	by forelay04.hostedemail.com (Postfix) with ESMTP id 3099DBBDD
	for <linux-mm@kvack.org>; Fri, 11 Jun 2021 16:42:05 +0000 (UTC)
X-FDA: 78242010210.20.2F9C2A5
Received: from mga17.intel.com (mga17.intel.com [192.55.52.151])
	by imf15.hostedemail.com (Postfix) with ESMTP id 5F352A0001A9
	for <linux-mm@kvack.org>; Fri, 11 Jun 2021 16:42:01 +0000 (UTC)
IronPort-SDR: 
 z0gSj2GAC3ipaOCshUNRuIyO0Py08yhbLrBqDbFnOEhw68PTpI3J2chmj79akMBYORo0dGJjbR
 bp21ITz8a2jA==
X-IronPort-AV: E=McAfee;i="6200,9189,10012"; a="185935764"
X-IronPort-AV: E=Sophos;i="5.83,265,1616482800";
   d="scan'208";a="185935764"
Received: from orsmga005.jf.intel.com ([10.7.209.41])
  by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 11 Jun 2021 09:42:01 -0700
IronPort-SDR: 
 wRPaDX1gGG8fOu6fJr+Iegl09SZ7B5jfVlVexaS3j0Vgf2plRYPCHLwQDi6zEETFVW7BHWpFGP
 pIIiago9GOCg==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.83,265,1616482800";
   d="scan'208";a="620429251"
Received: from viggo.jf.intel.com (HELO localhost.localdomain)
 ([10.54.77.144])
  by orsmga005.jf.intel.com with ESMTP; 11 Jun 2021 09:42:00 -0700
Subject: [PATCH 3/4] selftests/vm/pkeys: Refill shadow register after implicit
 kernel write
To: linux-mm@kvack.org
Cc: linux-kernel@vger.kernel.org,Dave Hansen
 <dave.hansen@linux.intel.com>,tglx@linutronix.de,linuxram@us.ibm.com,sandipan@linux.ibm.com,akpm@linux-foundation.org,fweimer@redhat.com,desnesn@linux.vnet.ibm.com,mingo@kernel.org,bauerman@linux.ibm.com,aneesh.kumar@linux.ibm.com,mpe@ellerman.id.au,mhocko@kernel.org,msuchanek@suse.de,shuah@kernel.org,x86@kernel.org
From: Dave Hansen <dave.hansen@linux.intel.com>
Date: Fri, 11 Jun 2021 09:42:00 -0700
References: <20210611164153.91B76FB8@viggo.jf.intel.com>
In-Reply-To: <20210611164153.91B76FB8@viggo.jf.intel.com>
Message-Id: <20210611164200.EF76AB73@viggo.jf.intel.com>
Authentication-Results: imf15.hostedemail.com;
	dkim=none;
	dmarc=fail reason="No valid SPF,
 No valid DKIM" header.from=intel.com (policy=none);
	spf=none (imf15.hostedemail.com: domain of dave.hansen@linux.intel.com has no
 SPF policy when checking 192.55.52.151)
 smtp.mailfrom=dave.hansen@linux.intel.com
X-Rspamd-Server: rspam02
X-Stat-Signature: fdjop64b5ptuh43bmdbyb4xjy7kppycy
X-Rspamd-Queue-Id: 5F352A0001A9
X-HE-Tag: 1623429721-307184
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

From: Dave Hansen <dave.hansen@linux.intel.com>

The pkey test code keeps a "shadow" of the pkey register around.  This
ensures that any bugs which might write to the register can be caught
more quickly.

Generally, userspace has a good idea when the kernel is going to write
to the register.  For instance, alloc_pkey() is passed a permission
mask.  The caller of alloc_pkey() can update the shadow based on the
return value and the mask.

But, the kernel can also modify the pkey register in a more sneaky
way.  For mprotect(PROT_EXEC) mappings, the kernel will allocate a
pkey and write the pkey register to create an execute-only mapping.
The kernel never tells userspace what key it uses for this.

This can cause the test to fail with messages like:

	protection_keys_64.2: pkey-helpers.h:132: _read_pkey_reg: Assertion `pkey_reg == shadow_pkey_reg' failed.

because the shadow was not updated with the new kernel-set value.

Forcibly update the shadow value immediately after an mprotect().

Fixes: 6af17cf89e99 ("x86/pkeys/selftests: Add PROT_EXEC test")
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Ram Pai <linuxram@us.ibm.com>
Cc: Sandipan Das <sandipan@linux.ibm.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Florian Weimer <fweimer@redhat.com>
Cc: "Desnes A. Nunes do Rosario" <desnesn@linux.vnet.ibm.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Cc: "Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Michal Hocko <mhocko@kernel.org>
Cc: Michal Suchanek <msuchanek@suse.de>
Cc: Shuah Khan <shuah@kernel.org>
Cc: x86@kernel.org
---

 b/tools/testing/selftests/vm/protection_keys.c |    7 +++++++
 1 file changed, 7 insertions(+)

diff -puN tools/testing/selftests/vm/protection_keys.c~selftests_vm_pkeys_Refill_shadow_register_after_implict_kernel_write-1 tools/testing/selftests/vm/protection_keys.c
--- a/tools/testing/selftests/vm/protection_keys.c~selftests_vm_pkeys_Refill_shadow_register_after_implict_kernel_write-1	2021-06-11 09:41:33.508468061 -0700
+++ b/tools/testing/selftests/vm/protection_keys.c	2021-06-11 09:41:33.517468061 -0700
@@ -1448,6 +1448,13 @@ void test_implicit_mprotect_exec_only_me
 	ret = mprotect(p1, PAGE_SIZE, PROT_EXEC);
 	pkey_assert(!ret);
 
+	/*
+	 * Reset the shadow, assuming that the above mprotect()
+	 * correctly changed PKRU, but to an unknown value since
+	 * the actual alllocated pkey is unknown.
+	 */
+	shadow_pkey_reg = __read_pkey_reg();
+
 	dprintf2("pkey_reg: %016llx\n", read_pkey_reg());
 
 	/* Make sure this is an *instruction* fault */