arch/x86/mm/pgprot.c - linux - Git at Google

 // SPDX-License-Identifier: GPL-2.0

 #include <linux/export.h>
 #include <linux/mm.h>
 #include <asm/pgtable.h>
 #include <asm/mem_encrypt.h>

 static pgprot_t protection_map[16] __ro_after_init = {
 	[VM_NONE]					= PAGE_NONE,
 	[VM_READ]					= PAGE_READONLY,
 	[VM_WRITE]					= PAGE_COPY,
 	[VM_WRITE | VM_READ]				= PAGE_COPY,
 	[VM_EXEC]					= PAGE_READONLY_EXEC,
 	[VM_EXEC | VM_READ]				= PAGE_READONLY_EXEC,
 	[VM_EXEC | VM_WRITE]				= PAGE_COPY_EXEC,
 	[VM_EXEC | VM_WRITE | VM_READ]			= PAGE_COPY_EXEC,
 	[VM_SHARED]					= PAGE_NONE,
 	[VM_SHARED | VM_READ]				= PAGE_READONLY,
 	[VM_SHARED | VM_WRITE]				= PAGE_SHARED,
 	[VM_SHARED | VM_WRITE | VM_READ]		= PAGE_SHARED,
 	[VM_SHARED | VM_EXEC]				= PAGE_READONLY_EXEC,
 	[VM_SHARED | VM_EXEC | VM_READ]			= PAGE_READONLY_EXEC,
 	[VM_SHARED | VM_EXEC | VM_WRITE]		= PAGE_SHARED_EXEC,
 	[VM_SHARED | VM_EXEC | VM_WRITE | VM_READ]	= PAGE_SHARED_EXEC
 };

 void add_encrypt_protection_map(void)
 {
 	unsigned int i;

 	for (i = 0; i < ARRAY_SIZE(protection_map); i++)
 		protection_map[i] = pgprot_encrypted(protection_map[i]);
 }

 pgprot_t vm_get_page_prot(unsigned long vm_flags)
 {
 	unsigned long val = pgprot_val(protection_map[vm_flags &
 				      (VM_READ|VM_WRITE|VM_EXEC|VM_SHARED)]);

 #ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
 	/*
 	 * Take the 4 protection key bits out of the vma->vm_flags value and
 	 * turn them in to the bits that we can put in to a pte.
 	 *
 	 * Only override these if Protection Keys are available (which is only
 	 * on 64-bit).
 	 */
 	if (vm_flags & VM_PKEY_BIT0)
 		val |= _PAGE_PKEY_BIT0;
 	if (vm_flags & VM_PKEY_BIT1)
 		val |= _PAGE_PKEY_BIT1;
 	if (vm_flags & VM_PKEY_BIT2)
 		val |= _PAGE_PKEY_BIT2;
 	if (vm_flags & VM_PKEY_BIT3)
 		val |= _PAGE_PKEY_BIT3;
 #endif

 	val = __sme_set(val);
 	if (val & _PAGE_PRESENT)
 		val &= __supported_pte_mask;
 	return __pgprot(val);
 }
 EXPORT_SYMBOL(vm_get_page_prot);
	// SPDX-License-Identifier: GPL-2.0

	#include <linux/export.h>
	#include <linux/mm.h>
	#include <asm/pgtable.h>
	#include <asm/mem_encrypt.h>

	static pgprot_t protection_map[16] __ro_after_init = {
	[VM_NONE] = PAGE_NONE,
	[VM_READ] = PAGE_READONLY,
	[VM_WRITE] = PAGE_COPY,
	[VM_WRITE \| VM_READ] = PAGE_COPY,
	[VM_EXEC] = PAGE_READONLY_EXEC,
	[VM_EXEC \| VM_READ] = PAGE_READONLY_EXEC,
	[VM_EXEC \| VM_WRITE] = PAGE_COPY_EXEC,
	[VM_EXEC \| VM_WRITE \| VM_READ] = PAGE_COPY_EXEC,
	[VM_SHARED] = PAGE_NONE,
	[VM_SHARED \| VM_READ] = PAGE_READONLY,
	[VM_SHARED \| VM_WRITE] = PAGE_SHARED,
	[VM_SHARED \| VM_WRITE \| VM_READ] = PAGE_SHARED,
	[VM_SHARED \| VM_EXEC] = PAGE_READONLY_EXEC,
	[VM_SHARED \| VM_EXEC \| VM_READ] = PAGE_READONLY_EXEC,
	[VM_SHARED \| VM_EXEC \| VM_WRITE] = PAGE_SHARED_EXEC,
	[VM_SHARED \| VM_EXEC \| VM_WRITE \| VM_READ] = PAGE_SHARED_EXEC
	};

	void add_encrypt_protection_map(void)
	{
	unsigned int i;

	for (i = 0; i < ARRAY_SIZE(protection_map); i++)
	protection_map[i] = pgprot_encrypted(protection_map[i]);
	}

	pgprot_t vm_get_page_prot(unsigned long vm_flags)
	{
	unsigned long val = pgprot_val(protection_map[vm_flags &
	(VM_READ\|VM_WRITE\|VM_EXEC\|VM_SHARED)]);

	#ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
	/*
	* Take the 4 protection key bits out of the vma->vm_flags value and
	* turn them in to the bits that we can put in to a pte.
	*
	* Only override these if Protection Keys are available (which is only
	* on 64-bit).
	*/
	if (vm_flags & VM_PKEY_BIT0)
	val \|= _PAGE_PKEY_BIT0;
	if (vm_flags & VM_PKEY_BIT1)
	val \|= _PAGE_PKEY_BIT1;
	if (vm_flags & VM_PKEY_BIT2)
	val \|= _PAGE_PKEY_BIT2;
	if (vm_flags & VM_PKEY_BIT3)
	val \|= _PAGE_PKEY_BIT3;
	#endif

	val = __sme_set(val);
	if (val & _PAGE_PRESENT)
	val &= __supported_pte_mask;
	return __pgprot(val);
	}
	EXPORT_SYMBOL(vm_get_page_prot);