Hi All,
This patch series introduces the mm reservation interface to manage the owning capability of the allocated addresses. As compared to the RFC v1, this series adds reservation details in the VMA structure. Looking for feedback regarding interface names, interface directory structure etc. Patch [1-11] manages capability bounds via reservation interface. Patch [12-19] adds support for managing capability permissions. Details about several rules implemented can be found in PCuABI spec here [1].
Changes in RFC v2:
1) Removed separate maple tree structures for the reservation interface and modified the vma structure to add the reservation details. As most of the mmap/munmap operations happen per-vma, this reduced the code churn. However, this approach will increase the time complexity of syscalls which operate across vmas, such as mlock, madvise etc. get_unmapped_area(), which generates a free unmapped virtual address, may now need more iterations.
2) Added CHERI base representability and length representability modifications. Now get_unmapped_area() will generate CHERI representable addresses.
3) Added new PCuABI changes for mincore() syscall.
4) Added changes for compat64.
Future works:
1) Users of vm_mmap/vm_munmap() i.e. filesystems, loaders, kexec etc. to be modified to preserve capability addresses.
2) Cover remaining memory addressing syscalls.
Testing:
1) All tests by Chaitanya in v4 selftests [2] pass.
2) Purecap/Compat Busybox boot passes after adding [WIP] patches present in [3].
The whole series can be found here [3].
[1]: https://git.morello-project.org/morello/kernel/linux/-/wikis/Morello-pure-ca...
[2]: https://git.morello-project.org/chaitanya_prakash/linux.git review/purecap_mmap_testcases
[3]: https://git.morello-project.org/amitdaniel/linux.git review/purecap_mm_reservation_v2

Thanks,
Amit Daniel

Amit Daniel Kachhap (19):
  uapi: errno.h: Introduce PCuABI memory reservation error
  arm64: morello: Add VM_PCUABI_RESERVE flags
  mm: Add capability reservation interfaces in vma for PCuABI
  mm/cap_addr_mgmt: Add capability bound helpers for PCuABI
  mm/mmap: Modify unmapped address space management code for PCuABI
  mm/mmap: Use the PCuABI reservations in mmap/munmap
  mm/mremap: Add the PCuABI reservation interfaces
  mm/mprotect: Add the PCuABI reservation interfaces
  mm/madvise: Add the PCuABI reservation interfaces
  mm/mlock: Add the PCuABI reservation interfaces
  mm/msync: Add the PCuABI reservation interfaces
  uapi: mman-common.h: Macros for maximum capability permissions
  mm/cap_addr_mgmt: Add capability permission helpers for PCuABI
  mm/cap_addr_mgmt: Reduce the maximum protection check impact
  mm/mmap: Disable MAP_GROWSDOWN mapping flag for PCuABI
  mm/mmap: Add capability permission constraints for PCuABI
  mm/mremap: Add capability permission constraints for PCuABI
  mm/mprotect: Add capability permission constraints for PCuABI
  mm/mincore: Add capability constraints for PCuABI

 arch/arm64/include/asm/cap_addr_mgmt.h |  22 ++
 include/linux/cap_addr_mgmt.h          | 168 +++++++++++++
 include/linux/cheri.h                  |   3 +
 include/linux/mm.h                     |  29 ++-
 include/linux/mm_types.h               |   5 +
 include/uapi/asm-generic/errno.h       |   2 +
 include/uapi/asm-generic/mman-common.h |   6 +
 io_uring/advise.c                      |   2 +-
 mm/Makefile                            |   2 +-
 mm/cap_addr_mgmt.c                     | 314 +++++++++++++++++++++++++
 mm/damon/vaddr.c                       |   2 +-
 mm/madvise.c                           |  27 ++-
 mm/mincore.c                           |  46 +++-
 mm/mlock.c                             |  38 ++-
 mm/mmap.c                              | 182 ++++++++++++--
 mm/mprotect.c                          |  21 +-
 mm/mremap.c                            | 109 +++++++--
 mm/msync.c                             |  15 +-
 mm/util.c                              |  10 +-
 19 files changed, 919 insertions(+), 84 deletions(-)
 create mode 100644 arch/arm64/include/asm/cap_addr_mgmt.h
 create mode 100644 include/linux/cap_addr_mgmt.h
 create mode 100644 mm/cap_addr_mgmt.c