On Tue, 17 Jul 2018 21:49:21 +0200
David Hildenbrand <david@xxxxxxxxxx> wrote:
> > +/*
> > + * gmap_protect_pmd - remove access rights to memory and set pmd
> > notification bits
> > + * @pmdp: pointer to the pmd to be protected
> > + * @prot: indicates access rights: PROT_NONE, PROT_READ or
> > PROT_WRITE
> > + * @bits: notification bits to set
> > + *
> > + * Returns:
> > + * 0 if successfully protected
> > + * -ENOMEM if out of memory and
>
> This cannot happen.
Right, removed.
>
> > + * -EAGAIN if a fixup is needed
> > + * -EINVAL if unsupported notifier bits have been specified
> > + *
> > + * Expected to be called with sg->mm->mmap_sem in read and
> > + * guest_table_lock held.
> > + */
> > +static int gmap_protect_pmd(struct gmap *gmap, unsigned long gaddr,
> > + pmd_t *pmdp, int prot, unsigned long
> > bits) +{
> > + int pmd_i = pmd_val(*pmdp) & _SEGMENT_ENTRY_INVALID;
> > + int pmd_p = pmd_val(*pmdp) & _SEGMENT_ENTRY_PROTECT;
> > +
> > + /* Fixup needed */
> > + if ((pmd_i && (prot != PROT_NONE)) || (pmd_p && (prot ==
> > PROT_WRITE)))
> > + return -EAGAIN;
>
> You should also return -EINVAL in case !PROT_WRITE is defined, as we
> only support PROT_WRITE (we don't perform any protection!)
So, you want a temporary check that I have to remove two patches later?
>
>
> > + if (bits & GMAP_NOTIFY_MPROT)
> > + pmd_val(*pmdp) |= _SEGMENT_ENTRY_GMAP_IN;
> > +
> > + /* Shadow GMAP protection needs split PMDs */
> > + if (bits & GMAP_NOTIFY_SHADOW)
> > + return -EINVAL;
> > +
> > + return 0;
> > +}
> > +
>
>
