mirror of https://gitee.com/openkylin/linux.git
Add and use a generic version of devmem_is_allowed()
As part of adding STRICT_DEVMEM support to the RISC-V port, Zong provided an implementation of devmem_is_allowed() that's exactly the same as the version in a handful of other ports. Rather than duplicate code, I've put a generic version of this in lib/ and used it for the RISC-V port. * palmer/generic-devmem: arm64: Use the generic devmem_is_allowed() arm: Use the generic devmem_is_allowed() RISC-V: Use the new generic devmem_is_allowed() lib: Add a generic version of devmem_is_allowed()
This commit is contained in:
commit
7d95a88f92
|
@ -5,7 +5,6 @@ config ARM
|
|||
select ARCH_32BIT_OFF_T
|
||||
select ARCH_HAS_BINFMT_FLAT
|
||||
select ARCH_HAS_DEBUG_VIRTUAL if MMU
|
||||
select ARCH_HAS_DEVMEM_IS_ALLOWED
|
||||
select ARCH_HAS_DMA_WRITE_COMBINE if !ARM_DMA_MEM_BUFFERABLE
|
||||
select ARCH_HAS_ELF_RANDOMIZE
|
||||
select ARCH_HAS_FORTIFY_SOURCE
|
||||
|
@ -56,6 +55,7 @@ config ARM
|
|||
select GENERIC_IRQ_PROBE
|
||||
select GENERIC_IRQ_SHOW
|
||||
select GENERIC_IRQ_SHOW_LEVEL
|
||||
select GENERIC_LIB_DEVMEM_IS_ALLOWED
|
||||
select GENERIC_PCI_IOMAP
|
||||
select GENERIC_SCHED_CLOCK
|
||||
select GENERIC_SMP_IDLE_THREAD
|
||||
|
|
|
@ -441,7 +441,6 @@ extern void pci_iounmap(struct pci_dev *dev, void __iomem *addr);
|
|||
#define ARCH_HAS_VALID_PHYS_ADDR_RANGE
|
||||
extern int valid_phys_addr_range(phys_addr_t addr, size_t size);
|
||||
extern int valid_mmap_phys_addr_range(unsigned long pfn, size_t size);
|
||||
extern int devmem_is_allowed(unsigned long pfn);
|
||||
#endif
|
||||
|
||||
/*
|
||||
|
|
|
@ -165,25 +165,3 @@ int valid_mmap_phys_addr_range(unsigned long pfn, size_t size)
|
|||
{
|
||||
return (pfn + (size >> PAGE_SHIFT)) <= (1 + (PHYS_MASK >> PAGE_SHIFT));
|
||||
}
|
||||
|
||||
#ifdef CONFIG_STRICT_DEVMEM
|
||||
|
||||
#include <linux/ioport.h>
|
||||
|
||||
/*
|
||||
* devmem_is_allowed() checks to see if /dev/mem access to a certain
|
||||
* address is valid. The argument is a physical page number.
|
||||
* We mimic x86 here by disallowing access to system RAM as well as
|
||||
* device-exclusive MMIO regions. This effectively disable read()/write()
|
||||
* on /dev/mem.
|
||||
*/
|
||||
int devmem_is_allowed(unsigned long pfn)
|
||||
{
|
||||
if (iomem_is_exclusive(pfn << PAGE_SHIFT))
|
||||
return 0;
|
||||
if (!page_is_ram(pfn))
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
|
|
@ -13,7 +13,6 @@ config ARM64
|
|||
select ARCH_BINFMT_ELF_STATE
|
||||
select ARCH_HAS_DEBUG_VIRTUAL
|
||||
select ARCH_HAS_DEBUG_VM_PGTABLE
|
||||
select ARCH_HAS_DEVMEM_IS_ALLOWED
|
||||
select ARCH_HAS_DMA_PREP_COHERENT
|
||||
select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI
|
||||
select ARCH_HAS_FAST_MULTIPLIER
|
||||
|
@ -112,6 +111,7 @@ config ARM64
|
|||
select GENERIC_IRQ_PROBE
|
||||
select GENERIC_IRQ_SHOW
|
||||
select GENERIC_IRQ_SHOW_LEVEL
|
||||
select GENERIC_LIB_DEVMEM_IS_ALLOWED
|
||||
select GENERIC_PCI_IOMAP
|
||||
select GENERIC_PTDUMP
|
||||
select GENERIC_SCHED_CLOCK
|
||||
|
|
|
@ -201,6 +201,4 @@ extern void __iomem *ioremap_cache(phys_addr_t phys_addr, size_t size);
|
|||
extern int valid_phys_addr_range(phys_addr_t addr, size_t size);
|
||||
extern int valid_mmap_phys_addr_range(unsigned long pfn, size_t size);
|
||||
|
||||
extern int devmem_is_allowed(unsigned long pfn);
|
||||
|
||||
#endif /* __ASM_IO_H */
|
||||
|
|
|
@ -47,24 +47,3 @@ int valid_mmap_phys_addr_range(unsigned long pfn, size_t size)
|
|||
{
|
||||
return !(((pfn << PAGE_SHIFT) + size) & ~PHYS_MASK);
|
||||
}
|
||||
|
||||
#ifdef CONFIG_STRICT_DEVMEM
|
||||
|
||||
#include <linux/ioport.h>
|
||||
|
||||
/*
|
||||
* devmem_is_allowed() checks to see if /dev/mem access to a certain address
|
||||
* is valid. The argument is a physical page number. We mimic x86 here by
|
||||
* disallowing access to system RAM as well as device-exclusive MMIO regions.
|
||||
* This effectively disable read()/write() on /dev/mem.
|
||||
*/
|
||||
int devmem_is_allowed(unsigned long pfn)
|
||||
{
|
||||
if (iomem_is_exclusive(pfn << PAGE_SHIFT))
|
||||
return 0;
|
||||
if (!page_is_ram(pfn))
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
|
|
@ -44,6 +44,7 @@ config RISCV
|
|||
select GENERIC_IOREMAP
|
||||
select GENERIC_IRQ_MULTI_HANDLER
|
||||
select GENERIC_IRQ_SHOW
|
||||
select GENERIC_LIB_DEVMEM_IS_ALLOWED
|
||||
select GENERIC_PCI_IOMAP
|
||||
select GENERIC_PTDUMP if MMU
|
||||
select GENERIC_SCHED_CLOCK
|
||||
|
|
|
@ -1137,6 +1137,10 @@ static inline void memcpy_toio(volatile void __iomem *addr, const void *buffer,
|
|||
}
|
||||
#endif
|
||||
|
||||
#ifndef CONFIG_GENERIC_DEVMEM_IS_ALLOWED
|
||||
extern int devmem_is_allowed(unsigned long pfn);
|
||||
#endif
|
||||
|
||||
#endif /* __KERNEL__ */
|
||||
|
||||
#endif /* __ASM_GENERIC_IO_H */
|
||||
|
|
|
@ -686,6 +686,9 @@ config GENERIC_LIB_CMPDI2
|
|||
config GENERIC_LIB_UCMPDI2
|
||||
bool
|
||||
|
||||
config GENERIC_LIB_DEVMEM_IS_ALLOWED
|
||||
bool
|
||||
|
||||
config PLDMFW
|
||||
bool
|
||||
default n
|
||||
|
|
|
@ -1645,7 +1645,7 @@ config ARCH_HAS_DEVMEM_IS_ALLOWED
|
|||
config STRICT_DEVMEM
|
||||
bool "Filter access to /dev/mem"
|
||||
depends on MMU && DEVMEM
|
||||
depends on ARCH_HAS_DEVMEM_IS_ALLOWED
|
||||
depends on ARCH_HAS_DEVMEM_IS_ALLOWED || GENERIC_LIB_DEVMEM_IS_ALLOWED
|
||||
default y if PPC || X86 || ARM64
|
||||
help
|
||||
If this option is disabled, you allow userspace (root) access to all
|
||||
|
|
|
@ -352,3 +352,5 @@ obj-$(CONFIG_BITFIELD_KUNIT) += bitfield_kunit.o
|
|||
obj-$(CONFIG_LIST_KUNIT_TEST) += list-test.o
|
||||
obj-$(CONFIG_LINEAR_RANGES_TEST) += test_linear_ranges.o
|
||||
obj-$(CONFIG_BITS_TEST) += test_bits.o
|
||||
|
||||
obj-$(CONFIG_GENERIC_LIB_DEVMEM_IS_ALLOWED) += devmem_is_allowed.o
|
||||
|
|
|
@ -0,0 +1,27 @@
|
|||
// SPDX-License-Identifier: GPL-2.0-only
|
||||
/*
|
||||
* A generic version of devmem_is_allowed.
|
||||
*
|
||||
* Based on arch/arm64/mm/mmap.c
|
||||
*
|
||||
* Copyright (C) 2020 Google, Inc.
|
||||
* Copyright (C) 2012 ARM Ltd.
|
||||
*/
|
||||
|
||||
#include <linux/mm.h>
|
||||
#include <linux/ioport.h>
|
||||
|
||||
/*
|
||||
* devmem_is_allowed() checks to see if /dev/mem access to a certain address
|
||||
* is valid. The argument is a physical page number. We mimic x86 here by
|
||||
* disallowing access to system RAM as well as device-exclusive MMIO regions.
|
||||
* This effectively disable read()/write() on /dev/mem.
|
||||
*/
|
||||
int devmem_is_allowed(unsigned long pfn)
|
||||
{
|
||||
if (iomem_is_exclusive(pfn << PAGE_SHIFT))
|
||||
return 0;
|
||||
if (!page_is_ram(pfn))
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
Loading…
Reference in New Issue