1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _PKEYS_HELPER_H
3 #define _PKEYS_HELPER_H
4 #define _GNU_SOURCE
5 #include <string.h>
6 #include <stdarg.h>
7 #include <stdio.h>
8 #include <stdint.h>
9 #include <stdbool.h>
10 #include <signal.h>
11 #include <assert.h>
12 #include <stdlib.h>
13 #include <ucontext.h>
14 #include <sys/mman.h>
15 
16 #define NR_PKEYS 16
17 #define PKRU_BITS_PER_PKEY 2
18 
19 #ifndef DEBUG_LEVEL
20 #define DEBUG_LEVEL 0
21 #endif
22 #define DPRINT_IN_SIGNAL_BUF_SIZE 4096
23 extern int dprint_in_signal;
24 extern char dprint_in_signal_buffer[DPRINT_IN_SIGNAL_BUF_SIZE];
sigsafe_printf(const char * format,...)25 static inline void sigsafe_printf(const char *format, ...)
26 {
27 	va_list ap;
28 
29 	if (!dprint_in_signal) {
30 		va_start(ap, format);
31 		vprintf(format, ap);
32 		va_end(ap);
33 	} else {
34 		int ret;
35 		/*
36 		 * No printf() functions are signal-safe.
37 		 * They deadlock easily. Write the format
38 		 * string to get some output, even if
39 		 * incomplete.
40 		 */
41 		ret = write(1, format, strlen(format));
42 		if (ret < 0)
43 			exit(1);
44 	}
45 }
46 #define dprintf_level(level, args...) do {	\
47 	if (level <= DEBUG_LEVEL)		\
48 		sigsafe_printf(args);		\
49 } while (0)
50 #define dprintf0(args...) dprintf_level(0, args)
51 #define dprintf1(args...) dprintf_level(1, args)
52 #define dprintf2(args...) dprintf_level(2, args)
53 #define dprintf3(args...) dprintf_level(3, args)
54 #define dprintf4(args...) dprintf_level(4, args)
55 
56 extern unsigned int shadow_pkru;
__rdpkru(void)57 static inline unsigned int __rdpkru(void)
58 {
59 	unsigned int eax, edx;
60 	unsigned int ecx = 0;
61 	unsigned int pkru;
62 
63 	asm volatile(".byte 0x0f,0x01,0xee\n\t"
64 		     : "=a" (eax), "=d" (edx)
65 		     : "c" (ecx));
66 	pkru = eax;
67 	return pkru;
68 }
69 
_rdpkru(int line)70 static inline unsigned int _rdpkru(int line)
71 {
72 	unsigned int pkru = __rdpkru();
73 
74 	dprintf4("rdpkru(line=%d) pkru: %x shadow: %x\n",
75 			line, pkru, shadow_pkru);
76 	assert(pkru == shadow_pkru);
77 
78 	return pkru;
79 }
80 
81 #define rdpkru() _rdpkru(__LINE__)
82 
__wrpkru(unsigned int pkru)83 static inline void __wrpkru(unsigned int pkru)
84 {
85 	unsigned int eax = pkru;
86 	unsigned int ecx = 0;
87 	unsigned int edx = 0;
88 
89 	dprintf4("%s() changing %08x to %08x\n", __func__, __rdpkru(), pkru);
90 	asm volatile(".byte 0x0f,0x01,0xef\n\t"
91 		     : : "a" (eax), "c" (ecx), "d" (edx));
92 	assert(pkru == __rdpkru());
93 }
94 
wrpkru(unsigned int pkru)95 static inline void wrpkru(unsigned int pkru)
96 {
97 	dprintf4("%s() changing %08x to %08x\n", __func__, __rdpkru(), pkru);
98 	/* will do the shadow check for us: */
99 	rdpkru();
100 	__wrpkru(pkru);
101 	shadow_pkru = pkru;
102 	dprintf4("%s(%08x) pkru: %08x\n", __func__, pkru, __rdpkru());
103 }
104 
105 /*
106  * These are technically racy. since something could
107  * change PKRU between the read and the write.
108  */
__pkey_access_allow(int pkey,int do_allow)109 static inline void __pkey_access_allow(int pkey, int do_allow)
110 {
111 	unsigned int pkru = rdpkru();
112 	int bit = pkey * 2;
113 
114 	if (do_allow)
115 		pkru &= (1<<bit);
116 	else
117 		pkru |= (1<<bit);
118 
119 	dprintf4("pkru now: %08x\n", rdpkru());
120 	wrpkru(pkru);
121 }
122 
__pkey_write_allow(int pkey,int do_allow_write)123 static inline void __pkey_write_allow(int pkey, int do_allow_write)
124 {
125 	long pkru = rdpkru();
126 	int bit = pkey * 2 + 1;
127 
128 	if (do_allow_write)
129 		pkru &= (1<<bit);
130 	else
131 		pkru |= (1<<bit);
132 
133 	wrpkru(pkru);
134 	dprintf4("pkru now: %08x\n", rdpkru());
135 }
136 
137 #define PROT_PKEY0     0x10            /* protection key value (bit 0) */
138 #define PROT_PKEY1     0x20            /* protection key value (bit 1) */
139 #define PROT_PKEY2     0x40            /* protection key value (bit 2) */
140 #define PROT_PKEY3     0x80            /* protection key value (bit 3) */
141 
142 #define PAGE_SIZE 4096
143 #define MB	(1<<20)
144 
__cpuid(unsigned int * eax,unsigned int * ebx,unsigned int * ecx,unsigned int * edx)145 static inline void __cpuid(unsigned int *eax, unsigned int *ebx,
146 		unsigned int *ecx, unsigned int *edx)
147 {
148 	/* ecx is often an input as well as an output. */
149 	asm volatile(
150 		"cpuid;"
151 		: "=a" (*eax),
152 		  "=b" (*ebx),
153 		  "=c" (*ecx),
154 		  "=d" (*edx)
155 		: "0" (*eax), "2" (*ecx));
156 }
157 
158 /* Intel-defined CPU features, CPUID level 0x00000007:0 (ecx) */
159 #define X86_FEATURE_PKU        (1<<3) /* Protection Keys for Userspace */
160 #define X86_FEATURE_OSPKE      (1<<4) /* OS Protection Keys Enable */
161 
cpu_has_pku(void)162 static inline int cpu_has_pku(void)
163 {
164 	unsigned int eax;
165 	unsigned int ebx;
166 	unsigned int ecx;
167 	unsigned int edx;
168 
169 	eax = 0x7;
170 	ecx = 0x0;
171 	__cpuid(&eax, &ebx, &ecx, &edx);
172 
173 	if (!(ecx & X86_FEATURE_PKU)) {
174 		dprintf2("cpu does not have PKU\n");
175 		return 0;
176 	}
177 	if (!(ecx & X86_FEATURE_OSPKE)) {
178 		dprintf2("cpu does not have OSPKE\n");
179 		return 0;
180 	}
181 	return 1;
182 }
183 
184 #define XSTATE_PKRU_BIT	(9)
185 #define XSTATE_PKRU	0x200
186 
pkru_xstate_offset(void)187 int pkru_xstate_offset(void)
188 {
189 	unsigned int eax;
190 	unsigned int ebx;
191 	unsigned int ecx;
192 	unsigned int edx;
193 	int xstate_offset;
194 	int xstate_size;
195 	unsigned long XSTATE_CPUID = 0xd;
196 	int leaf;
197 
198 	/* assume that XSTATE_PKRU is set in XCR0 */
199 	leaf = XSTATE_PKRU_BIT;
200 	{
201 		eax = XSTATE_CPUID;
202 		ecx = leaf;
203 		__cpuid(&eax, &ebx, &ecx, &edx);
204 
205 		if (leaf == XSTATE_PKRU_BIT) {
206 			xstate_offset = ebx;
207 			xstate_size = eax;
208 		}
209 	}
210 
211 	if (xstate_size == 0) {
212 		printf("could not find size/offset of PKRU in xsave state\n");
213 		return 0;
214 	}
215 
216 	return xstate_offset;
217 }
218 
219 #endif /* _PKEYS_HELPER_H */
220