1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _LINUX_EXECMEM_ALLOC_H
3 #define _LINUX_EXECMEM_ALLOC_H
4
5 #include <linux/types.h>
6 #include <linux/moduleloader.h>
7 #include <linux/cleanup.h>
8
9 #if (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) && \
10 !defined(CONFIG_KASAN_VMALLOC)
11 #include <linux/kasan.h>
12 #define MODULE_ALIGN (PAGE_SIZE << KASAN_SHADOW_SCALE_SHIFT)
13 #else
14 #define MODULE_ALIGN PAGE_SIZE
15 #endif
16
17 /**
18 * enum execmem_type - types of executable memory ranges
19 *
20 * There are several subsystems that allocate executable memory.
21 * Architectures define different restrictions on placement,
22 * permissions, alignment and other parameters for memory that can be used
23 * by these subsystems.
24 * Types in this enum identify subsystems that allocate executable memory
25 * and let architectures define parameters for ranges suitable for
26 * allocations by each subsystem.
27 *
28 * @EXECMEM_DEFAULT: default parameters that would be used for types that
29 * are not explicitly defined.
30 * @EXECMEM_MODULE_TEXT: parameters for module text sections
31 * @EXECMEM_KPROBES: parameters for kprobes
32 * @EXECMEM_FTRACE: parameters for ftrace
33 * @EXECMEM_BPF: parameters for BPF
34 * @EXECMEM_MODULE_DATA: parameters for module data sections
35 * @EXECMEM_TYPE_MAX:
36 */
37 enum execmem_type {
38 EXECMEM_DEFAULT,
39 EXECMEM_MODULE_TEXT = EXECMEM_DEFAULT,
40 EXECMEM_KPROBES,
41 EXECMEM_FTRACE,
42 EXECMEM_BPF,
43 EXECMEM_MODULE_DATA,
44 EXECMEM_TYPE_MAX,
45 };
46
47 /**
48 * enum execmem_range_flags - options for executable memory allocations
49 * @EXECMEM_KASAN_SHADOW: allocate kasan shadow
50 * @EXECMEM_ROX_CACHE: allocations should use ROX cache of huge pages
51 */
52 enum execmem_range_flags {
53 EXECMEM_KASAN_SHADOW = (1 << 0),
54 EXECMEM_ROX_CACHE = (1 << 1),
55 };
56
57 #ifdef CONFIG_ARCH_HAS_EXECMEM_ROX
58 /**
59 * execmem_fill_trapping_insns - set memory to contain instructions that
60 * will trap
61 * @ptr: pointer to memory to fill
62 * @size: size of the range to fill
63 * @writable: is the memory poited by @ptr is writable or ROX
64 *
65 * A hook for architecures to fill execmem ranges with invalid instructions.
66 * Architectures that use EXECMEM_ROX_CACHE must implement this.
67 */
68 void execmem_fill_trapping_insns(void *ptr, size_t size, bool writable);
69
70 /**
71 * execmem_make_temp_rw - temporarily remap region with read-write
72 * permissions
73 * @ptr: address of the region to remap
74 * @size: size of the region to remap
75 *
76 * Remaps a part of the cached large page in the ROX cache in the range
77 * [@ptr, @ptr + @size) as writable and not executable. The caller must
78 * have exclusive ownership of this range and ensure nothing will try to
79 * execute code in this range.
80 *
81 * Return: 0 on success or negative error code on failure.
82 */
83 int execmem_make_temp_rw(void *ptr, size_t size);
84
85 /**
86 * execmem_restore_rox - restore read-only-execute permissions
87 * @ptr: address of the region to remap
88 * @size: size of the region to remap
89 *
90 * Restores read-only-execute permissions on a range [@ptr, @ptr + @size)
91 * after it was temporarily remapped as writable. Relies on architecture
92 * implementation of set_memory_rox() to restore mapping using large pages.
93 *
94 * Return: 0 on success or negative error code on failure.
95 */
96 int execmem_restore_rox(void *ptr, size_t size);
97 #else
execmem_make_temp_rw(void * ptr,size_t size)98 static inline int execmem_make_temp_rw(void *ptr, size_t size) { return 0; }
execmem_restore_rox(void * ptr,size_t size)99 static inline int execmem_restore_rox(void *ptr, size_t size) { return 0; }
100 #endif
101
102 /**
103 * struct execmem_range - definition of an address space suitable for code and
104 * related data allocations
105 * @start: address space start
106 * @end: address space end (inclusive)
107 * @fallback_start: start of the secondary address space range for fallback
108 * allocations on architectures that require it
109 * @fallback_end: start of the secondary address space (inclusive)
110 * @pgprot: permissions for memory in this address space
111 * @alignment: alignment required for text allocations
112 * @flags: options for memory allocations for this range
113 */
114 struct execmem_range {
115 unsigned long start;
116 unsigned long end;
117 unsigned long fallback_start;
118 unsigned long fallback_end;
119 pgprot_t pgprot;
120 unsigned int alignment;
121 enum execmem_range_flags flags;
122 };
123
124 /**
125 * struct execmem_info - architecture parameters for code allocations
126 * @ranges: array of parameter sets defining architecture specific
127 * parameters for executable memory allocations. The ranges that are not
128 * explicitly initialized by an architecture use parameters defined for
129 * @EXECMEM_DEFAULT.
130 */
131 struct execmem_info {
132 struct execmem_range ranges[EXECMEM_TYPE_MAX];
133 };
134
135 /**
136 * execmem_arch_setup - define parameters for allocations of executable memory
137 *
138 * A hook for architectures to define parameters for allocations of
139 * executable memory. These parameters should be filled into the
140 * @execmem_info structure.
141 *
142 * For architectures that do not implement this method a default set of
143 * parameters will be used
144 *
145 * Return: a structure defining architecture parameters and restrictions
146 * for allocations of executable memory
147 */
148 struct execmem_info *execmem_arch_setup(void);
149
150 /**
151 * execmem_alloc - allocate executable memory
152 * @type: type of the allocation
153 * @size: how many bytes of memory are required
154 *
155 * Allocates memory that will contain executable code, either generated or
156 * loaded from kernel modules.
157 *
158 * Allocates memory that will contain data coupled with executable code,
159 * like data sections in kernel modules.
160 *
161 * The memory will have protections defined by architecture for executable
162 * region of the @type.
163 *
164 * Return: a pointer to the allocated memory or %NULL
165 */
166 void *execmem_alloc(enum execmem_type type, size_t size);
167
168 /**
169 * execmem_free - free executable memory
170 * @ptr: pointer to the memory that should be freed
171 */
172 void execmem_free(void *ptr);
173
174 DEFINE_FREE(execmem, void *, if (_T) execmem_free(_T));
175
176 #ifdef CONFIG_MMU
177 /**
178 * execmem_vmap - create virtual mapping for EXECMEM_MODULE_DATA memory
179 * @size: size of the virtual mapping in bytes
180 *
181 * Maps virtually contiguous area in the range suitable for EXECMEM_MODULE_DATA.
182 *
183 * Return: the area descriptor on success or %NULL on failure.
184 */
185 struct vm_struct *execmem_vmap(size_t size);
186 #endif
187
188 /**
189 * execmem_update_copy - copy an update to executable memory
190 * @dst: destination address to update
191 * @src: source address containing the data
192 * @size: how many bytes of memory shold be copied
193 *
194 * Copy @size bytes from @src to @dst using text poking if the memory at
195 * @dst is read-only.
196 *
197 * Return: a pointer to @dst or NULL on error
198 */
199 void *execmem_update_copy(void *dst, const void *src, size_t size);
200
201 /**
202 * execmem_is_rox - check if execmem is read-only
203 * @type - the execmem type to check
204 *
205 * Return: %true if the @type is read-only, %false if it's writable
206 */
207 bool execmem_is_rox(enum execmem_type type);
208
209 #if defined(CONFIG_EXECMEM) && !defined(CONFIG_ARCH_WANTS_EXECMEM_LATE)
210 void execmem_init(void);
211 #else
execmem_init(void)212 static inline void execmem_init(void) {}
213 #endif
214
215 #endif /* _LINUX_EXECMEM_ALLOC_H */
216