From 290e1a10645d02391ea8e6ad9b295c517cfc1982 Mon Sep 17 00:00:00 2001
From: Ram Pai <linuxram@us.ibm.com>
Date: Thu, 18 Jan 2018 17:50:38 -0800
Subject: [PATCH 36/45] powerpc: check key protection for user page access

References: FATE#322447, bsc#1078248
Patch-mainline: v4.16-rc1
Git-commit: bca7aacfe8be121ecefb3be609420220b0820c2c

Make sure that the kernel does not access user pages without
checking their key-protection.

Signed-off-by: Ram Pai <linuxram@us.ibm.com>
[mpe: Integrate with upstream version of pte_access_permitted()]
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Acked-by: Michal Suchanek <msuchanek@suse.de>
---
 arch/powerpc/include/asm/book3s/64/pgtable.h | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/arch/powerpc/include/asm/book3s/64/pgtable.h b/arch/powerpc/include/asm/book3s/64/pgtable.h
index 817094321ef1..790705734f73 100644
--- a/arch/powerpc/include/asm/book3s/64/pgtable.h
+++ b/arch/powerpc/include/asm/book3s/64/pgtable.h
@@ -564,7 +564,14 @@ static inline int pte_present(pte_t pte)
 	return !!(pte_raw(pte) & cpu_to_be64(_PAGE_PRESENT));
 }
 
+#ifdef CONFIG_PPC_MEM_KEYS
 extern bool arch_pte_access_permitted(u64 pte, bool write, bool execute);
+#else
+static inline bool arch_pte_access_permitted(u64 pte, bool write, bool execute)
+{
+	return true;
+}
+#endif /* CONFIG_PPC_MEM_KEYS */
 
 #define pte_access_permitted pte_access_permitted
 static inline bool pte_access_permitted(pte_t pte, bool write)
@@ -586,7 +593,8 @@ static inline bool pte_access_permitted(pte_t pte, bool write)
 
 	if ((pteval & clear_pte_bits) == clear_pte_bits)
 		return false;
-	return true;
+
+	return arch_pte_access_permitted(pte_val(pte), write, 0);
 }
 
 /*
-- 
2.13.6