xref: /linux/arch/arm64/include/asm/pgtable-prot.h (revision beace86e61e465dba204a268ab3f3377153a4973) 
1 /* SPDX-License-Identifier: GPL-2.0-only */
2 /*
3  * Copyright (C) 2016 ARM Ltd.
4  */
5 #ifndef __ASM_PGTABLE_PROT_H
6 #define __ASM_PGTABLE_PROT_H
7 
8 #include <asm/memory.h>
9 #include <asm/pgtable-hwdef.h>
10 
11 #include <linux/const.h>
12 
13 /*
14  * Software defined PTE bits definition.
15  */
16 #define PTE_WRITE		(PTE_DBM)		 /* same as DBM (51) */
17 #define PTE_SWP_EXCLUSIVE	(_AT(pteval_t, 1) << 2)	 /* only for swp ptes */
18 #define PTE_DIRTY		(_AT(pteval_t, 1) << 55)
19 #define PTE_SPECIAL		(_AT(pteval_t, 1) << 56)
20 
21 /*
22  * PTE_PRESENT_INVALID=1 & PTE_VALID=0 indicates that the pte's fields should be
23  * interpreted according to the HW layout by SW but any attempted HW access to
24  * the address will result in a fault. pte_present() returns true.
25  */
26 #define PTE_PRESENT_INVALID	(PTE_NG)		 /* only when !PTE_VALID */
27 
28 #ifdef CONFIG_HAVE_ARCH_USERFAULTFD_WP
29 #define PTE_UFFD_WP		(_AT(pteval_t, 1) << 58) /* uffd-wp tracking */
30 #define PTE_SWP_UFFD_WP		(_AT(pteval_t, 1) << 3)	 /* only for swp ptes */
31 #else
32 #define PTE_UFFD_WP		(_AT(pteval_t, 0))
33 #define PTE_SWP_UFFD_WP		(_AT(pteval_t, 0))
34 #endif /* CONFIG_HAVE_ARCH_USERFAULTFD_WP */
35 
36 #define _PROT_DEFAULT		(PTE_TYPE_PAGE | PTE_AF | PTE_SHARED)
37 
38 #define PROT_DEFAULT		(PTE_TYPE_PAGE | PTE_MAYBE_NG | PTE_MAYBE_SHARED | PTE_AF)
39 #define PROT_SECT_DEFAULT	(PMD_TYPE_SECT | PMD_MAYBE_NG | PMD_MAYBE_SHARED | PMD_SECT_AF)
40 
41 #define PROT_DEVICE_nGnRnE	(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRnE))
42 #define PROT_DEVICE_nGnRE	(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRE))
43 #define PROT_NORMAL_NC		(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_WRITE | PTE_ATTRINDX(MT_NORMAL_NC))
44 #define PROT_NORMAL		(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_WRITE | PTE_ATTRINDX(MT_NORMAL))
45 #define PROT_NORMAL_TAGGED	(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_WRITE | PTE_ATTRINDX(MT_NORMAL_TAGGED))
46 
47 #define PROT_SECT_DEVICE_nGnRE	(PROT_SECT_DEFAULT | PMD_SECT_PXN | PMD_SECT_UXN | PMD_ATTRINDX(MT_DEVICE_nGnRE))
48 #define PROT_SECT_NORMAL	(PROT_SECT_DEFAULT | PMD_SECT_PXN | PMD_SECT_UXN | PTE_WRITE | PMD_ATTRINDX(MT_NORMAL))
49 #define PROT_SECT_NORMAL_EXEC	(PROT_SECT_DEFAULT | PMD_SECT_UXN | PMD_ATTRINDX(MT_NORMAL))
50 
51 #define _PAGE_DEFAULT		(_PROT_DEFAULT | PTE_ATTRINDX(MT_NORMAL))
52 
53 #define _PAGE_KERNEL		(PROT_NORMAL)
54 #define _PAGE_KERNEL_RO		((PROT_NORMAL & ~PTE_WRITE) | PTE_RDONLY)
55 #define _PAGE_KERNEL_ROX	((PROT_NORMAL & ~(PTE_WRITE | PTE_PXN)) | PTE_RDONLY)
56 #define _PAGE_KERNEL_EXEC	(PROT_NORMAL & ~PTE_PXN)
57 #define _PAGE_KERNEL_EXEC_CONT	((PROT_NORMAL & ~PTE_PXN) | PTE_CONT)
58 
59 #define _PAGE_SHARED		(_PAGE_DEFAULT | PTE_USER | PTE_RDONLY | PTE_NG | PTE_PXN | PTE_UXN | PTE_WRITE)
60 #define _PAGE_SHARED_EXEC	(_PAGE_DEFAULT | PTE_USER | PTE_RDONLY | PTE_NG | PTE_PXN | PTE_WRITE)
61 #define _PAGE_READONLY		(_PAGE_DEFAULT | PTE_USER | PTE_RDONLY | PTE_NG | PTE_PXN | PTE_UXN)
62 #define _PAGE_READONLY_EXEC	(_PAGE_DEFAULT | PTE_USER | PTE_RDONLY | PTE_NG | PTE_PXN)
63 #define _PAGE_EXECONLY		(_PAGE_DEFAULT | PTE_RDONLY | PTE_NG | PTE_PXN)
64 
65 #ifndef __ASSEMBLY__
66 
67 #include <asm/cpufeature.h>
68 #include <asm/pgtable-types.h>
69 #include <asm/rsi.h>
70 
71 extern bool arm64_use_ng_mappings;
72 extern unsigned long prot_ns_shared;
73 
74 #define PROT_NS_SHARED		(is_realm_world() ? prot_ns_shared : 0)
75 
76 #define PTE_MAYBE_NG		(arm64_use_ng_mappings ? PTE_NG : 0)
77 #define PMD_MAYBE_NG		(arm64_use_ng_mappings ? PMD_SECT_NG : 0)
78 
79 #ifndef CONFIG_ARM64_LPA2
80 #define lpa2_is_enabled()	false
81 #define PTE_MAYBE_SHARED	PTE_SHARED
82 #define PMD_MAYBE_SHARED	PMD_SECT_S
83 #define PHYS_MASK_SHIFT		(CONFIG_ARM64_PA_BITS)
84 #else
lpa2_is_enabled(void)85 static inline bool __pure lpa2_is_enabled(void)
86 {
87 	return read_tcr() & TCR_DS;
88 }
89 
90 #define PTE_MAYBE_SHARED	(lpa2_is_enabled() ? 0 : PTE_SHARED)
91 #define PMD_MAYBE_SHARED	(lpa2_is_enabled() ? 0 : PMD_SECT_S)
92 #define PHYS_MASK_SHIFT		(lpa2_is_enabled() ? CONFIG_ARM64_PA_BITS : 48)
93 #endif
94 
95 /*
96  * Highest possible physical address supported.
97  */
98 #define PHYS_MASK		((UL(1) << PHYS_MASK_SHIFT) - 1)
99 
100 /*
101  * If we have userspace only BTI we don't want to mark kernel pages
102  * guarded even if the system does support BTI.
103  */
104 #define PTE_MAYBE_GP		(system_supports_bti_kernel() ? PTE_GP : 0)
105 
106 #define PAGE_KERNEL		__pgprot(_PAGE_KERNEL)
107 #define PAGE_KERNEL_RO		__pgprot(_PAGE_KERNEL_RO)
108 #define PAGE_KERNEL_ROX		__pgprot(_PAGE_KERNEL_ROX)
109 #define PAGE_KERNEL_EXEC	__pgprot(_PAGE_KERNEL_EXEC)
110 #define PAGE_KERNEL_EXEC_CONT	__pgprot(_PAGE_KERNEL_EXEC_CONT)
111 
112 #define PAGE_S2_MEMATTR(attr, has_fwb)					\
113 	({								\
114 		u64 __val;						\
115 		if (has_fwb)						\
116 			__val = PTE_S2_MEMATTR(MT_S2_FWB_ ## attr);	\
117 		else							\
118 			__val = PTE_S2_MEMATTR(MT_S2_ ## attr);		\
119 		__val;							\
120 	 })
121 
122 #define PAGE_NONE		__pgprot(((_PAGE_DEFAULT) & ~PTE_VALID) | PTE_PRESENT_INVALID | PTE_RDONLY | PTE_NG | PTE_PXN | PTE_UXN)
123 /* shared+writable pages are clean by default, hence PTE_RDONLY|PTE_WRITE */
124 #define PAGE_SHARED		__pgprot(_PAGE_SHARED)
125 #define PAGE_SHARED_EXEC	__pgprot(_PAGE_SHARED_EXEC)
126 #define PAGE_READONLY		__pgprot(_PAGE_READONLY)
127 #define PAGE_READONLY_EXEC	__pgprot(_PAGE_READONLY_EXEC)
128 #define PAGE_EXECONLY		__pgprot(_PAGE_EXECONLY)
129 
130 #endif /* __ASSEMBLY__ */
131 
132 #define pte_pi_index(pte) ( \
133 	((pte & BIT(PTE_PI_IDX_3)) >> (PTE_PI_IDX_3 - 3)) | \
134 	((pte & BIT(PTE_PI_IDX_2)) >> (PTE_PI_IDX_2 - 2)) | \
135 	((pte & BIT(PTE_PI_IDX_1)) >> (PTE_PI_IDX_1 - 1)) | \
136 	((pte & BIT(PTE_PI_IDX_0)) >> (PTE_PI_IDX_0 - 0)))
137 
138 /*
139  * Page types used via Permission Indirection Extension (PIE). PIE uses
140  * the USER, DBM, PXN and UXN bits to to generate an index which is used
141  * to look up the actual permission in PIR_ELx and PIRE0_EL1. We define
142  * combinations we use on non-PIE systems with the same encoding, for
143  * convenience these are listed here as comments as are the unallocated
144  * encodings.
145  */
146 
147 /* 0: PAGE_DEFAULT                                                  */
148 /* 1:                                                      PTE_USER */
149 /* 2:                                          PTE_WRITE            */
150 /* 3:                                          PTE_WRITE | PTE_USER */
151 /* 4: PAGE_EXECONLY                  PTE_PXN                        */
152 /* 5: PAGE_READONLY_EXEC             PTE_PXN |             PTE_USER */
153 /* 6:                                PTE_PXN | PTE_WRITE            */
154 /* 7: PAGE_SHARED_EXEC               PTE_PXN | PTE_WRITE | PTE_USER */
155 /* 8: PAGE_KERNEL_ROX      PTE_UXN                                  */
156 /* 9: PAGE_GCS_RO          PTE_UXN |                       PTE_USER */
157 /* a: PAGE_KERNEL_EXEC     PTE_UXN |           PTE_WRITE            */
158 /* b: PAGE_GCS             PTE_UXN |           PTE_WRITE | PTE_USER */
159 /* c: PAGE_KERNEL_RO       PTE_UXN | PTE_PXN                        */
160 /* d: PAGE_READONLY        PTE_UXN | PTE_PXN |             PTE_USER */
161 /* e: PAGE_KERNEL          PTE_UXN | PTE_PXN | PTE_WRITE            */
162 /* f: PAGE_SHARED          PTE_UXN | PTE_PXN | PTE_WRITE | PTE_USER */
163 
164 #define _PAGE_GCS	(_PAGE_DEFAULT | PTE_NG | PTE_UXN | PTE_WRITE | PTE_USER)
165 #define _PAGE_GCS_RO	(_PAGE_DEFAULT | PTE_NG | PTE_UXN | PTE_USER)
166 
167 #define PAGE_GCS	__pgprot(_PAGE_GCS)
168 #define PAGE_GCS_RO	__pgprot(_PAGE_GCS_RO)
169 
170 #define PIE_E0	( \
171 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_GCS),           PIE_GCS)  | \
172 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_GCS_RO),        PIE_R)   | \
173 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_EXECONLY),      PIE_X_O) | \
174 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_READONLY_EXEC), PIE_RX_O)  | \
175 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_SHARED_EXEC),   PIE_RWX_O) | \
176 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_READONLY),      PIE_R_O)   | \
177 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_SHARED),        PIE_RW_O))
178 
179 #define PIE_E1	( \
180 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_GCS),           PIE_NONE_O) | \
181 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_GCS_RO),        PIE_NONE_O) | \
182 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_EXECONLY),      PIE_NONE_O) | \
183 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_READONLY_EXEC), PIE_R)      | \
184 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_SHARED_EXEC),   PIE_RW)     | \
185 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_READONLY),      PIE_R)      | \
186 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_SHARED),        PIE_RW)     | \
187 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_KERNEL_ROX),    PIE_RX)     | \
188 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_KERNEL_EXEC),   PIE_RWX)    | \
189 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_KERNEL_RO),     PIE_R)      | \
190 	PIRx_ELx_PERM_PREP(pte_pi_index(_PAGE_KERNEL),        PIE_RW))
191 
192 #endif /* __ASM_PGTABLE_PROT_H */
193