1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef _LINUX_EXECMEM_ALLOC_H 3 #define _LINUX_EXECMEM_ALLOC_H 4 5 #include <linux/types.h> 6 #include <linux/moduleloader.h> 7 8 #if (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) && \ 9 !defined(CONFIG_KASAN_VMALLOC) 10 #include <linux/kasan.h> 11 #define MODULE_ALIGN (PAGE_SIZE << KASAN_SHADOW_SCALE_SHIFT) 12 #else 13 #define MODULE_ALIGN PAGE_SIZE 14 #endif 15 16 /** 17 * enum execmem_type - types of executable memory ranges 18 * 19 * There are several subsystems that allocate executable memory. 20 * Architectures define different restrictions on placement, 21 * permissions, alignment and other parameters for memory that can be used 22 * by these subsystems. 23 * Types in this enum identify subsystems that allocate executable memory 24 * and let architectures define parameters for ranges suitable for 25 * allocations by each subsystem. 26 * 27 * @EXECMEM_DEFAULT: default parameters that would be used for types that 28 * are not explicitly defined. 29 * @EXECMEM_MODULE_TEXT: parameters for module text sections 30 * @EXECMEM_KPROBES: parameters for kprobes 31 * @EXECMEM_FTRACE: parameters for ftrace 32 * @EXECMEM_BPF: parameters for BPF 33 * @EXECMEM_MODULE_DATA: parameters for module data sections 34 * @EXECMEM_TYPE_MAX: 35 */ 36 enum execmem_type { 37 EXECMEM_DEFAULT, 38 EXECMEM_MODULE_TEXT = EXECMEM_DEFAULT, 39 EXECMEM_KPROBES, 40 EXECMEM_FTRACE, 41 EXECMEM_BPF, 42 EXECMEM_MODULE_DATA, 43 EXECMEM_TYPE_MAX, 44 }; 45 46 /** 47 * enum execmem_range_flags - options for executable memory allocations 48 * @EXECMEM_KASAN_SHADOW: allocate kasan shadow 49 * @EXECMEM_ROX_CACHE: allocations should use ROX cache of huge pages 50 */ 51 enum execmem_range_flags { 52 EXECMEM_KASAN_SHADOW = (1 << 0), 53 EXECMEM_ROX_CACHE = (1 << 1), 54 }; 55 56 #if defined(CONFIG_ARCH_HAS_EXECMEM_ROX) && defined(CONFIG_EXECMEM) 57 /** 58 * execmem_fill_trapping_insns - set memory to contain instructions that 59 * will trap 60 * @ptr: pointer to memory to fill 61 * @size: size of the range to fill 62 * @writable: is the memory poited by @ptr is writable or ROX 63 * 64 * A hook for architecures to fill execmem ranges with invalid instructions. 65 * Architectures that use EXECMEM_ROX_CACHE must implement this. 66 */ 67 void execmem_fill_trapping_insns(void *ptr, size_t size, bool writable); 68 69 /** 70 * execmem_make_temp_rw - temporarily remap region with read-write 71 * permissions 72 * @ptr: address of the region to remap 73 * @size: size of the region to remap 74 * 75 * Remaps a part of the cached large page in the ROX cache in the range 76 * [@ptr, @ptr + @size) as writable and not executable. The caller must 77 * have exclusive ownership of this range and ensure nothing will try to 78 * execute code in this range. 79 * 80 * Return: 0 on success or negative error code on failure. 81 */ 82 int execmem_make_temp_rw(void *ptr, size_t size); 83 84 /** 85 * execmem_restore_rox - restore read-only-execute permissions 86 * @ptr: address of the region to remap 87 * @size: size of the region to remap 88 * 89 * Restores read-only-execute permissions on a range [@ptr, @ptr + @size) 90 * after it was temporarily remapped as writable. Relies on architecture 91 * implementation of set_memory_rox() to restore mapping using large pages. 92 * 93 * Return: 0 on success or negative error code on failure. 94 */ 95 int execmem_restore_rox(void *ptr, size_t size); 96 97 /* 98 * Called from mark_readonly(), where the system transitions to ROX. 99 */ 100 void execmem_cache_make_ro(void); 101 #else 102 static inline int execmem_make_temp_rw(void *ptr, size_t size) { return 0; } 103 static inline int execmem_restore_rox(void *ptr, size_t size) { return 0; } 104 static inline void execmem_cache_make_ro(void) { } 105 #endif 106 107 /** 108 * struct execmem_range - definition of an address space suitable for code and 109 * related data allocations 110 * @start: address space start 111 * @end: address space end (inclusive) 112 * @fallback_start: start of the secondary address space range for fallback 113 * allocations on architectures that require it 114 * @fallback_end: start of the secondary address space (inclusive) 115 * @pgprot: permissions for memory in this address space 116 * @alignment: alignment required for text allocations 117 * @flags: options for memory allocations for this range 118 */ 119 struct execmem_range { 120 unsigned long start; 121 unsigned long end; 122 unsigned long fallback_start; 123 unsigned long fallback_end; 124 pgprot_t pgprot; 125 unsigned int alignment; 126 enum execmem_range_flags flags; 127 }; 128 129 /** 130 * struct execmem_info - architecture parameters for code allocations 131 * @ranges: array of parameter sets defining architecture specific 132 * parameters for executable memory allocations. The ranges that are not 133 * explicitly initialized by an architecture use parameters defined for 134 * @EXECMEM_DEFAULT. 135 */ 136 struct execmem_info { 137 struct execmem_range ranges[EXECMEM_TYPE_MAX]; 138 }; 139 140 /** 141 * execmem_arch_setup - define parameters for allocations of executable memory 142 * 143 * A hook for architectures to define parameters for allocations of 144 * executable memory. These parameters should be filled into the 145 * @execmem_info structure. 146 * 147 * For architectures that do not implement this method a default set of 148 * parameters will be used 149 * 150 * Return: a structure defining architecture parameters and restrictions 151 * for allocations of executable memory 152 */ 153 struct execmem_info *execmem_arch_setup(void); 154 155 /** 156 * execmem_alloc - allocate executable memory 157 * @type: type of the allocation 158 * @size: how many bytes of memory are required 159 * 160 * Allocates memory that will contain executable code, either generated or 161 * loaded from kernel modules. 162 * 163 * Allocates memory that will contain data coupled with executable code, 164 * like data sections in kernel modules. 165 * 166 * The memory will have protections defined by architecture for executable 167 * region of the @type. 168 * 169 * Return: a pointer to the allocated memory or %NULL 170 */ 171 void *execmem_alloc(enum execmem_type type, size_t size); 172 173 /** 174 * execmem_free - free executable memory 175 * @ptr: pointer to the memory that should be freed 176 */ 177 void execmem_free(void *ptr); 178 179 #ifdef CONFIG_MMU 180 /** 181 * execmem_vmap - create virtual mapping for EXECMEM_MODULE_DATA memory 182 * @size: size of the virtual mapping in bytes 183 * 184 * Maps virtually contiguous area in the range suitable for EXECMEM_MODULE_DATA. 185 * 186 * Return: the area descriptor on success or %NULL on failure. 187 */ 188 struct vm_struct *execmem_vmap(size_t size); 189 #endif 190 191 /** 192 * execmem_update_copy - copy an update to executable memory 193 * @dst: destination address to update 194 * @src: source address containing the data 195 * @size: how many bytes of memory shold be copied 196 * 197 * Copy @size bytes from @src to @dst using text poking if the memory at 198 * @dst is read-only. 199 * 200 * Return: a pointer to @dst or NULL on error 201 */ 202 void *execmem_update_copy(void *dst, const void *src, size_t size); 203 204 /** 205 * execmem_is_rox - check if execmem is read-only 206 * @type - the execmem type to check 207 * 208 * Return: %true if the @type is read-only, %false if it's writable 209 */ 210 bool execmem_is_rox(enum execmem_type type); 211 212 #if defined(CONFIG_EXECMEM) && !defined(CONFIG_ARCH_WANTS_EXECMEM_LATE) 213 void execmem_init(void); 214 #else 215 static inline void execmem_init(void) {} 216 #endif 217 218 #endif /* _LINUX_EXECMEM_ALLOC_H */ 219