1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/set_memory.h>
3 #include <linux/ptdump.h>
4 #include <linux/seq_file.h>
5 #include <linux/debugfs.h>
6 #include <linux/sort.h>
8 #include <linux/kfence.h>
9 #include <linux/kasan.h>
10 #include <asm/kasan.h>
11 #include <asm/abs_lowcore.h>
12 #include <asm/nospec-branch.h>
13 #include <asm/sections.h>
14 #include <asm/maccess.h>
16 static unsigned long max_addr;
20 unsigned long start_address;
25 static struct addr_marker *markers;
26 static unsigned int markers_cnt;
29 struct ptdump_state ptdump;
32 unsigned int current_prot;
34 unsigned long wx_pages;
35 unsigned long start_address;
36 const struct addr_marker *marker;
39 #define pt_dump_seq_printf(m, fmt, args...) \
41 struct seq_file *__m = (m); \
44 seq_printf(__m, fmt, ##args); \
47 #define pt_dump_seq_puts(m, fmt) \
49 struct seq_file *__m = (m); \
52 seq_printf(__m, fmt); \
55 static void print_prot(struct seq_file *m, unsigned int pr, int level)
57 static const char * const level_name[] =
58 { "ASCE", "PGD", "PUD", "PMD", "PTE" };
60 pt_dump_seq_printf(m, "%s ", level_name[level]);
61 if (pr & _PAGE_INVALID) {
62 pt_dump_seq_printf(m, "I\n");
65 pt_dump_seq_puts(m, (pr & _PAGE_PROTECT) ? "RO " : "RW ");
66 pt_dump_seq_puts(m, (pr & _PAGE_NOEXEC) ? "NX\n" : "X\n");
69 static void note_prot_wx(struct pg_state *st, unsigned long addr)
73 if (st->current_prot & _PAGE_INVALID)
75 if (st->current_prot & _PAGE_PROTECT)
77 if (st->current_prot & _PAGE_NOEXEC)
80 * The first lowcore page is W+X if spectre mitigations are using
81 * trampolines or the BEAR enhancements facility is not installed,
82 * in which case we have two lpswe instructions in lowcore that need
85 if (addr == PAGE_SIZE && (nospec_uses_trampoline() || !static_key_enabled(&cpu_has_bear)))
87 WARN_ONCE(IS_ENABLED(CONFIG_DEBUG_WX),
88 "s390/mm: Found insecure W+X mapping at address %pS\n",
89 (void *)st->start_address);
90 st->wx_pages += (addr - st->start_address) / PAGE_SIZE;
93 static void note_page_update_state(struct pg_state *st, unsigned long addr, unsigned int prot, int level)
95 struct seq_file *m = st->seq;
97 while (addr >= st->marker[1].start_address) {
99 pt_dump_seq_printf(m, "---[ %s %s ]---\n", st->marker->name,
100 st->marker->is_start ? "Start" : "End");
102 st->start_address = addr;
103 st->current_prot = prot;
107 static void note_page(struct ptdump_state *pt_st, unsigned long addr, int level, u64 val)
109 int width = sizeof(unsigned long) * 2;
110 static const char units[] = "KMGTPE";
111 const char *unit = units;
117 st = container_of(pt_st, struct pg_state, ptdump);
119 prot = val & (_PAGE_PROTECT | _PAGE_NOEXEC);
120 if (level == 4 && (val & _PAGE_INVALID))
121 prot = _PAGE_INVALID;
122 /* For pmd_none() & friends val gets passed as zero. */
123 if (level != 4 && !val)
124 prot = _PAGE_INVALID;
125 /* Final flush from generic code. */
128 if (st->level == -1) {
129 pt_dump_seq_puts(m, "---[ Kernel Virtual Address Space ]---\n");
130 note_page_update_state(st, addr, prot, level);
131 } else if (prot != st->current_prot || level != st->level ||
132 addr >= st->marker[1].start_address) {
133 note_prot_wx(st, addr);
134 pt_dump_seq_printf(m, "0x%0*lx-0x%0*lx ",
135 width, st->start_address,
137 delta = (addr - st->start_address) >> 10;
138 while (!(delta & 0x3ff) && unit[1]) {
142 pt_dump_seq_printf(m, "%9lu%c ", delta, *unit);
143 print_prot(m, st->current_prot, st->level);
144 note_page_update_state(st, addr, prot, level);
148 bool ptdump_check_wx(void)
150 struct pg_state st = {
152 .note_page = note_page,
153 .range = (struct ptdump_range[]) {
154 {.start = 0, .end = max_addr},
155 {.start = 0, .end = 0},
164 .marker = (struct addr_marker[]) {
165 { .start_address = 0, .name = NULL},
166 { .start_address = -1, .name = NULL},
172 ptdump_walk_pgd(&st.ptdump, &init_mm, NULL);
174 pr_warn("Checked W+X mappings: FAILED, %lu W+X pages found\n", st.wx_pages);
178 pr_info("Checked W+X mappings: passed, no %sW+X pages found\n",
179 (nospec_uses_trampoline() || !static_key_enabled(&cpu_has_bear)) ?
186 #ifdef CONFIG_PTDUMP_DEBUGFS
187 static int ptdump_show(struct seq_file *m, void *v)
189 struct pg_state st = {
191 .note_page = note_page,
192 .range = (struct ptdump_range[]) {
193 {.start = 0, .end = max_addr},
194 {.start = 0, .end = 0},
207 mutex_lock(&cpa_mutex);
208 ptdump_walk_pgd(&st.ptdump, &init_mm, NULL);
209 mutex_unlock(&cpa_mutex);
213 DEFINE_SHOW_ATTRIBUTE(ptdump);
214 #endif /* CONFIG_PTDUMP_DEBUGFS */
216 static int ptdump_cmp(const void *a, const void *b)
218 const struct addr_marker *ama = a;
219 const struct addr_marker *amb = b;
221 if (ama->start_address > amb->start_address)
223 if (ama->start_address < amb->start_address)
226 * If the start addresses of two markers are identical sort markers in an
227 * order that considers areas contained within other areas correctly.
229 if (ama->is_start && amb->is_start) {
230 if (ama->size > amb->size)
232 if (ama->size < amb->size)
236 if (!ama->is_start && !amb->is_start) {
237 if (ama->size > amb->size)
239 if (ama->size < amb->size)
250 static int add_marker(unsigned long start, unsigned long end, const char *name)
252 size_t oldsize, newsize;
254 oldsize = markers_cnt * sizeof(*markers);
255 newsize = oldsize + 2 * sizeof(*markers);
257 markers = kvmalloc(newsize, GFP_KERNEL);
259 markers = kvrealloc(markers, newsize, GFP_KERNEL);
262 markers[markers_cnt].is_start = 1;
263 markers[markers_cnt].start_address = start;
264 markers[markers_cnt].size = end - start;
265 markers[markers_cnt].name = name;
267 markers[markers_cnt].is_start = 0;
268 markers[markers_cnt].start_address = end;
269 markers[markers_cnt].size = end - start;
270 markers[markers_cnt].name = name;
278 static int pt_dump_init(void)
281 unsigned long kfence_start = (unsigned long)__kfence_pool;
283 unsigned long lowcore = (unsigned long)get_lowcore();
287 * Figure out the maximum virtual address being accessible with the
288 * kernel ASCE. We need this to keep the page table walker functions
289 * from accessing non-existent entries.
291 max_addr = (get_lowcore()->kernel_asce.val & _REGION_ENTRY_TYPE_MASK) >> 2;
292 max_addr = 1UL << (max_addr * 11 + 31);
293 /* start + end markers - must be added first */
294 rc = add_marker(0, -1UL, NULL);
295 rc |= add_marker((unsigned long)_stext, (unsigned long)_end, "Kernel Image");
296 rc |= add_marker(lowcore, lowcore + sizeof(struct lowcore), "Lowcore");
297 rc |= add_marker(__identity_base, __identity_base + ident_map_size, "Identity Mapping");
298 rc |= add_marker((unsigned long)__samode31, (unsigned long)__eamode31, "Amode31 Area");
299 rc |= add_marker(MODULES_VADDR, MODULES_END, "Modules Area");
300 rc |= add_marker(__abs_lowcore, __abs_lowcore + ABS_LOWCORE_MAP_SIZE, "Lowcore Area");
301 rc |= add_marker(__memcpy_real_area, __memcpy_real_area + MEMCPY_REAL_SIZE, "Real Memory Copy Area");
302 rc |= add_marker((unsigned long)vmemmap, (unsigned long)vmemmap + vmemmap_size, "vmemmap Area");
303 rc |= add_marker(VMALLOC_START, VMALLOC_END, "vmalloc Area");
305 rc |= add_marker(kfence_start, kfence_start + KFENCE_POOL_SIZE, "KFence Pool");
308 rc |= add_marker(KMSAN_VMALLOC_SHADOW_START, KMSAN_VMALLOC_SHADOW_END, "Kmsan vmalloc Shadow");
309 rc |= add_marker(KMSAN_VMALLOC_ORIGIN_START, KMSAN_VMALLOC_ORIGIN_END, "Kmsan vmalloc Origins");
310 rc |= add_marker(KMSAN_MODULES_SHADOW_START, KMSAN_MODULES_SHADOW_END, "Kmsan Modules Shadow");
311 rc |= add_marker(KMSAN_MODULES_ORIGIN_START, KMSAN_MODULES_ORIGIN_END, "Kmsan Modules Origins");
314 rc |= add_marker(KASAN_SHADOW_START, KASAN_SHADOW_END, "Kasan Shadow");
318 sort(&markers[1], markers_cnt - 1, sizeof(*markers), ptdump_cmp, NULL);
319 #ifdef CONFIG_PTDUMP_DEBUGFS
320 debugfs_create_file("kernel_page_tables", 0400, NULL, NULL, &ptdump_fops);
321 #endif /* CONFIG_PTDUMP_DEBUGFS */
327 device_initcall(pt_dump_init);
projects / linux.git / blob