[linux-2.6-block.git] / include / linux / execmem.h

/* SPDX-License-Identifier: GPL-2.0 */
#ifndef _LINUX_EXECMEM_ALLOC_H
#define _LINUX_EXECMEM_ALLOC_H

#include <linux/types.h>
#include <linux/moduleloader.h>
#include <linux/cleanup.h>

#if (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) && \
		!defined(CONFIG_KASAN_VMALLOC)
#include <linux/kasan.h>
#define MODULE_ALIGN (PAGE_SIZE << KASAN_SHADOW_SCALE_SHIFT)
#else
#define MODULE_ALIGN PAGE_SIZE
#endif

/**
 * enum execmem_type - types of executable memory ranges
 *
 * There are several subsystems that allocate executable memory.
 * Architectures define different restrictions on placement,
 * permissions, alignment and other parameters for memory that can be used
 * by these subsystems.
 * Types in this enum identify subsystems that allocate executable memory
 * and let architectures define parameters for ranges suitable for
 * allocations by each subsystem.
 *
 * @EXECMEM_DEFAULT: default parameters that would be used for types that
 * are not explicitly defined.
 * @EXECMEM_MODULE_TEXT: parameters for module text sections
 * @EXECMEM_KPROBES: parameters for kprobes
 * @EXECMEM_FTRACE: parameters for ftrace
 * @EXECMEM_BPF: parameters for BPF
 * @EXECMEM_MODULE_DATA: parameters for module data sections
 * @EXECMEM_TYPE_MAX:
 */
enum execmem_type {
	EXECMEM_DEFAULT,
	EXECMEM_MODULE_TEXT = EXECMEM_DEFAULT,
	EXECMEM_KPROBES,
	EXECMEM_FTRACE,
	EXECMEM_BPF,
	EXECMEM_MODULE_DATA,
	EXECMEM_TYPE_MAX,
};

/**
 * enum execmem_range_flags - options for executable memory allocations
 * @EXECMEM_KASAN_SHADOW:	allocate kasan shadow
 * @EXECMEM_ROX_CACHE:		allocations should use ROX cache of huge pages
 */
enum execmem_range_flags {
	EXECMEM_KASAN_SHADOW	= (1 << 0),
	EXECMEM_ROX_CACHE	= (1 << 1),
};

#ifdef CONFIG_ARCH_HAS_EXECMEM_ROX
/**
 * execmem_fill_trapping_insns - set memory to contain instructions that
 *				 will trap
 * @ptr:	pointer to memory to fill
 * @size:	size of the range to fill
 * @writable:	is the memory poited by @ptr is writable or ROX
 *
 * A hook for architecures to fill execmem ranges with invalid instructions.
 * Architectures that use EXECMEM_ROX_CACHE must implement this.
 */
void execmem_fill_trapping_insns(void *ptr, size_t size, bool writable);

/**
 * execmem_make_temp_rw - temporarily remap region with read-write
 *			  permissions
 * @ptr:	address of the region to remap
 * @size:	size of the region to remap
 *
 * Remaps a part of the cached large page in the ROX cache in the range
 * [@ptr, @ptr + @size) as writable and not executable. The caller must
 * have exclusive ownership of this range and ensure nothing will try to
 * execute code in this range.
 *
 * Return: 0 on success or negative error code on failure.
 */
int execmem_make_temp_rw(void *ptr, size_t size);

/**
 * execmem_restore_rox - restore read-only-execute permissions
 * @ptr:	address of the region to remap
 * @size:	size of the region to remap
 *
 * Restores read-only-execute permissions on a range [@ptr, @ptr + @size)
 * after it was temporarily remapped as writable. Relies on architecture
 * implementation of set_memory_rox() to restore mapping using large pages.
 *
 * Return: 0 on success or negative error code on failure.
 */
int execmem_restore_rox(void *ptr, size_t size);
#else
static inline int execmem_make_temp_rw(void *ptr, size_t size) { return 0; }
static inline int execmem_restore_rox(void *ptr, size_t size) { return 0; }
#endif

/**
 * struct execmem_range - definition of an address space suitable for code and
 *			  related data allocations
 * @start:	address space start
 * @end:	address space end (inclusive)
 * @fallback_start: start of the secondary address space range for fallback
 *                  allocations on architectures that require it
 * @fallback_end:   start of the secondary address space (inclusive)
 * @pgprot:	permissions for memory in this address space
 * @alignment:	alignment required for text allocations
 * @flags:	options for memory allocations for this range
 */
struct execmem_range {
	unsigned long   start;
	unsigned long   end;
	unsigned long   fallback_start;
	unsigned long   fallback_end;
	pgprot_t        pgprot;
	unsigned int	alignment;
	enum execmem_range_flags flags;
};

/**
 * struct execmem_info - architecture parameters for code allocations
 * @ranges: array of parameter sets defining architecture specific
 * parameters for executable memory allocations. The ranges that are not
 * explicitly initialized by an architecture use parameters defined for
 * @EXECMEM_DEFAULT.
 */
struct execmem_info {
	struct execmem_range	ranges[EXECMEM_TYPE_MAX];
};

/**
 * execmem_arch_setup - define parameters for allocations of executable memory
 *
 * A hook for architectures to define parameters for allocations of
 * executable memory. These parameters should be filled into the
 * @execmem_info structure.
 *
 * For architectures that do not implement this method a default set of
 * parameters will be used
 *
 * Return: a structure defining architecture parameters and restrictions
 * for allocations of executable memory
 */
struct execmem_info *execmem_arch_setup(void);

/**
 * execmem_alloc - allocate executable memory
 * @type: type of the allocation
 * @size: how many bytes of memory are required
 *
 * Allocates memory that will contain executable code, either generated or
 * loaded from kernel modules.
 *
 * Allocates memory that will contain data coupled with executable code,
 * like data sections in kernel modules.
 *
 * The memory will have protections defined by architecture for executable
 * region of the @type.
 *
 * Return: a pointer to the allocated memory or %NULL
 */
void *execmem_alloc(enum execmem_type type, size_t size);

/**
 * execmem_free - free executable memory
 * @ptr: pointer to the memory that should be freed
 */
void execmem_free(void *ptr);

DEFINE_FREE(execmem, void *, if (_T) execmem_free(_T));

#ifdef CONFIG_MMU
/**
 * execmem_vmap - create virtual mapping for EXECMEM_MODULE_DATA memory
 * @size: size of the virtual mapping in bytes
 *
 * Maps virtually contiguous area in the range suitable for EXECMEM_MODULE_DATA.
 *
 * Return: the area descriptor on success or %NULL on failure.
 */
struct vm_struct *execmem_vmap(size_t size);
#endif

/**
 * execmem_update_copy - copy an update to executable memory
 * @dst:  destination address to update
 * @src:  source address containing the data
 * @size: how many bytes of memory shold be copied
 *
 * Copy @size bytes from @src to @dst using text poking if the memory at
 * @dst is read-only.
 *
 * Return: a pointer to @dst or NULL on error
 */
void *execmem_update_copy(void *dst, const void *src, size_t size);

/**
 * execmem_is_rox - check if execmem is read-only
 * @type - the execmem type to check
 *
 * Return: %true if the @type is read-only, %false if it's writable
 */
bool execmem_is_rox(enum execmem_type type);

#if defined(CONFIG_EXECMEM) && !defined(CONFIG_ARCH_WANTS_EXECMEM_LATE)
void execmem_init(void);
#else
static inline void execmem_init(void) {}
#endif

#endif /* _LINUX_EXECMEM_ALLOC_H */
Commit	Line	Data
	1	/* SPDX-License-Identifier: GPL-2.0 */
	2	#ifndef _LINUX_EXECMEM_ALLOC_H
	3	#define _LINUX_EXECMEM_ALLOC_H
	4
	5	#include <linux/types.h>
	6	#include <linux/moduleloader.h>
	7	#include <linux/cleanup.h>
	8
	9	#if (defined(CONFIG_KASAN_GENERIC) \|\| defined(CONFIG_KASAN_SW_TAGS)) && \
	10	!defined(CONFIG_KASAN_VMALLOC)
	11	#include <linux/kasan.h>
	12	#define MODULE_ALIGN (PAGE_SIZE << KASAN_SHADOW_SCALE_SHIFT)
	13	#else
	14	#define MODULE_ALIGN PAGE_SIZE
	15	#endif
	16
	17	/**
	18	* enum execmem_type - types of executable memory ranges
	19	*
	20	* There are several subsystems that allocate executable memory.
	21	* Architectures define different restrictions on placement,
	22	* permissions, alignment and other parameters for memory that can be used
	23	* by these subsystems.
	24	* Types in this enum identify subsystems that allocate executable memory
	25	* and let architectures define parameters for ranges suitable for
	26	* allocations by each subsystem.
	27	*
	28	* @EXECMEM_DEFAULT: default parameters that would be used for types that
	29	* are not explicitly defined.
	30	* @EXECMEM_MODULE_TEXT: parameters for module text sections
	31	* @EXECMEM_KPROBES: parameters for kprobes
	32	* @EXECMEM_FTRACE: parameters for ftrace
	33	* @EXECMEM_BPF: parameters for BPF
	34	* @EXECMEM_MODULE_DATA: parameters for module data sections
	35	* @EXECMEM_TYPE_MAX:
	36	*/
	37	enum execmem_type {
	38	EXECMEM_DEFAULT,
	39	EXECMEM_MODULE_TEXT = EXECMEM_DEFAULT,
	40	EXECMEM_KPROBES,
	41	EXECMEM_FTRACE,
	42	EXECMEM_BPF,
	43	EXECMEM_MODULE_DATA,
	44	EXECMEM_TYPE_MAX,
	45	};
	46
	47	/**
	48	* enum execmem_range_flags - options for executable memory allocations
	49	* @EXECMEM_KASAN_SHADOW: allocate kasan shadow
	50	* @EXECMEM_ROX_CACHE: allocations should use ROX cache of huge pages
	51	*/
	52	enum execmem_range_flags {
	53	EXECMEM_KASAN_SHADOW = (1 << 0),
	54	EXECMEM_ROX_CACHE = (1 << 1),
	55	};
	56
	57	#ifdef CONFIG_ARCH_HAS_EXECMEM_ROX
	58	/**
	59	* execmem_fill_trapping_insns - set memory to contain instructions that
	60	* will trap
	61	* @ptr: pointer to memory to fill
	62	* @size: size of the range to fill
	63	* @writable: is the memory poited by @ptr is writable or ROX
	64	*
	65	* A hook for architecures to fill execmem ranges with invalid instructions.
	66	* Architectures that use EXECMEM_ROX_CACHE must implement this.
	67	*/
	68	void execmem_fill_trapping_insns(void *ptr, size_t size, bool writable);
	69
	70	/**
	71	* execmem_make_temp_rw - temporarily remap region with read-write
	72	* permissions
	73	* @ptr: address of the region to remap
	74	* @size: size of the region to remap
	75	*
	76	* Remaps a part of the cached large page in the ROX cache in the range
	77	* [@ptr, @ptr + @size) as writable and not executable. The caller must
	78	* have exclusive ownership of this range and ensure nothing will try to
	79	* execute code in this range.
	80	*
	81	* Return: 0 on success or negative error code on failure.
	82	*/
	83	int execmem_make_temp_rw(void *ptr, size_t size);
	84
	85	/**
	86	* execmem_restore_rox - restore read-only-execute permissions
	87	* @ptr: address of the region to remap
	88	* @size: size of the region to remap
	89	*
	90	* Restores read-only-execute permissions on a range [@ptr, @ptr + @size)
	91	* after it was temporarily remapped as writable. Relies on architecture
	92	* implementation of set_memory_rox() to restore mapping using large pages.
	93	*
	94	* Return: 0 on success or negative error code on failure.
	95	*/
	96	int execmem_restore_rox(void *ptr, size_t size);
	97	#else
	98	static inline int execmem_make_temp_rw(void *ptr, size_t size) { return 0; }
	99	static inline int execmem_restore_rox(void *ptr, size_t size) { return 0; }
	100	#endif
	101
	102	/**
	103	* struct execmem_range - definition of an address space suitable for code and
	104	* related data allocations
	105	* @start: address space start
	106	* @end: address space end (inclusive)
	107	* @fallback_start: start of the secondary address space range for fallback
	108	* allocations on architectures that require it
	109	* @fallback_end: start of the secondary address space (inclusive)
	110	* @pgprot: permissions for memory in this address space
	111	* @alignment: alignment required for text allocations
	112	* @flags: options for memory allocations for this range
	113	*/
	114	struct execmem_range {
	115	unsigned long start;
	116	unsigned long end;
	117	unsigned long fallback_start;
	118	unsigned long fallback_end;
	119	pgprot_t pgprot;
	120	unsigned int alignment;
	121	enum execmem_range_flags flags;
	122	};
	123
	124	/**
	125	* struct execmem_info - architecture parameters for code allocations
	126	* @ranges: array of parameter sets defining architecture specific
	127	* parameters for executable memory allocations. The ranges that are not
	128	* explicitly initialized by an architecture use parameters defined for
	129	* @EXECMEM_DEFAULT.
	130	*/
	131	struct execmem_info {
	132	struct execmem_range ranges[EXECMEM_TYPE_MAX];
	133	};
	134
	135	/**
	136	* execmem_arch_setup - define parameters for allocations of executable memory
	137	*
	138	* A hook for architectures to define parameters for allocations of
	139	* executable memory. These parameters should be filled into the
	140	* @execmem_info structure.
	141	*
	142	* For architectures that do not implement this method a default set of
	143	* parameters will be used
	144	*
	145	* Return: a structure defining architecture parameters and restrictions
	146	* for allocations of executable memory
	147	*/
	148	struct execmem_info *execmem_arch_setup(void);
	149
	150	/**
	151	* execmem_alloc - allocate executable memory
	152	* @type: type of the allocation
	153	* @size: how many bytes of memory are required
	154	*
	155	* Allocates memory that will contain executable code, either generated or
	156	* loaded from kernel modules.
	157	*
	158	* Allocates memory that will contain data coupled with executable code,
	159	* like data sections in kernel modules.
	160	*
	161	* The memory will have protections defined by architecture for executable
	162	* region of the @type.
	163	*
	164	* Return: a pointer to the allocated memory or %NULL
	165	*/
	166	void *execmem_alloc(enum execmem_type type, size_t size);
	167
	168	/**
	169	* execmem_free - free executable memory
	170	* @ptr: pointer to the memory that should be freed
	171	*/
	172	void execmem_free(void *ptr);
	173
	174	DEFINE_FREE(execmem, void *, if (_T) execmem_free(_T));
	175
	176	#ifdef CONFIG_MMU
	177	/**
	178	* execmem_vmap - create virtual mapping for EXECMEM_MODULE_DATA memory
	179	* @size: size of the virtual mapping in bytes
	180	*
	181	* Maps virtually contiguous area in the range suitable for EXECMEM_MODULE_DATA.
	182	*
	183	* Return: the area descriptor on success or %NULL on failure.
	184	*/
	185	struct vm_struct *execmem_vmap(size_t size);
	186	#endif
	187
	188	/**
	189	* execmem_update_copy - copy an update to executable memory
	190	* @dst: destination address to update
	191	* @src: source address containing the data
	192	* @size: how many bytes of memory shold be copied
	193	*
	194	* Copy @size bytes from @src to @dst using text poking if the memory at
	195	* @dst is read-only.
	196	*
	197	* Return: a pointer to @dst or NULL on error
	198	*/
	199	void execmem_update_copy(void dst, const void *src, size_t size);
	200
	201	/**
	202	* execmem_is_rox - check if execmem is read-only
	203	* @type - the execmem type to check
	204	*
	205	* Return: %true if the @type is read-only, %false if it's writable
	206	*/
	207	bool execmem_is_rox(enum execmem_type type);
	208
	209	#if defined(CONFIG_EXECMEM) && !defined(CONFIG_ARCH_WANTS_EXECMEM_LATE)
	210	void execmem_init(void);
	211	#else
	212	static inline void execmem_init(void) {}
	213	#endif
	214
	215	#endif /* _LINUX_EXECMEM_ALLOC_H */