Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp227576ybt; Tue, 16 Jun 2020 22:30:55 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz9wzp69Zjo+R1IhNrLESOXuokyQOitjjet4rUwyePx3MS1qLZKVCi1juX5G/CUEXyxv1wx X-Received: by 2002:a05:6402:1c87:: with SMTP id cy7mr5885422edb.354.1592371855004; Tue, 16 Jun 2020 22:30:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592371854; cv=none; d=google.com; s=arc-20160816; b=U5DpxEuUNfEw8LKtJb/YkBO9b7whTivUuWjdw0CZMyvCxaJnTanuH3ptTkOETO49rC iF8D1McUkFiFC889jh7X0OXPFdKPqdxcA2GJw372q8QIBLSUT9gjo9qEYtkSWD0QEy0U mPRqlyCRsPX24/TCuyBXnKJ35dZOLXZV/CD2wrHtxTITDgW2lrkzyST+x+T25DNKAhPI 9EDMXHE/EhLnoPJGbJjamO0djkxusWoDndQ3z554kM6wt8iuOVfS9kKPCzg4rfgGhcC0 9Of2a9Rn1sz4VoDPOG6mZXiTylxo44BodL8gUcsOGrAt7M9boD01PKo7wn2aQOn07EsB ZQjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:message-id:references :in-reply-to:organization:subject:cc:to:from:date :content-transfer-encoding:mime-version; bh=l9YWhDGRtdNc5QCYJBNM3pRm9Ybdr0AJTQomzLSDCrM=; b=ov6StwnbDODAPtUdyDdo2HnhSZeJx9qqM8K3saAtdH5l3VG/RsI4i0rE6qTmdYbcJy dVVXDOhHEga9/TZD6yukNDNwkxzD3rLj9CoxKLiTJhbEkawILYhe4p/csFg37RW1SD0e LrN5PaZE7V2/lpa5GY2nTwRB7tvils1lRduPaccC3LV1Re3vCbaT7wsJw8P3kZoE2l/9 NwMAd0r5lhqrOL5RLQKkWAxf0GvvA0qPrR54CbiN+Eoqxxi6SBu4XEzIBRCRWQ287vpM 7p7HVn8sDXdJOxzugj7Z7JMr8bh48UiMd6Tf1GRePD5uf61j0xS9bFTikRech7Tkui4P bMUA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id z12si12588872eju.555.2020.06.16.22.30.33; Tue, 16 Jun 2020 22:30:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726858AbgFQF2i (ORCPT + 99 others); Wed, 17 Jun 2020 01:28:38 -0400 Received: from mailgate-2.ics.forth.gr ([139.91.1.5]:44432 "EHLO mailgate-2.ics.forth.gr" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725851AbgFQF2h (ORCPT ); Wed, 17 Jun 2020 01:28:37 -0400 Received: from av3.ics.forth.gr (av3in [139.91.1.77]) by mailgate-2.ics.forth.gr (8.14.4/ICS-FORTH/V10-1.8-GATE) with ESMTP id 05H5SIbw014773; Wed, 17 Jun 2020 05:28:20 GMT X-AuditID: 8b5b014d-257ff700000045c5-8c-5ee9a9f1b299 Received: from enigma.ics.forth.gr (enigma.ics.forth.gr [139.91.151.35]) by av3.ics.forth.gr (Symantec Messaging Gateway) with SMTP id B3.12.17861.1F9A9EE5; Wed, 17 Jun 2020 08:28:18 +0300 (EEST) X-ICS-AUTH-INFO: Authenticated user: at ics.forth.gr MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Date: Wed, 17 Jun 2020 08:28:17 +0300 From: Nick Kossifidis To: Zong Li Cc: Nick Kossifidis , Paul Walmsley , Palmer Dabbelt , linux-riscv , "linux-kernel@vger.kernel.org List" Subject: Re: [PATCH 2/2] riscv: Support CONFIG_STRICT_DEVMEM Organization: FORTH In-Reply-To: References: <7faa60aa4a606b5c5c1ae374d82a7eee6c764b38.1592292685.git.zong.li@sifive.com> <29425dbf7d54bab2733d28480d3adb61@mailhost.ics.forth.gr> Message-ID: <6e6cf39ae6ed91bbe086adbade5786cb@mailhost.ics.forth.gr> X-Sender: mick@mailhost.ics.forth.gr User-Agent: Roundcube Webmail/1.3.9 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrHLMWRmVeSWpSXmKPExsXSHT1dWffTypdxBvsOMVlc3jWHzWLb5xY2 i+Z359gtXl7uYbZom8Vv8eHubDYHNo83L1+yeDzcdInJY/OSeo9LzdfZPT5vkgtgjeKySUnN ySxLLdK3S+DKWP3yJVvBA7mK2d0z2RoY34p3MXJwSAiYSNy7nNTFyMUhJHCUUWLXxk1MXYyc QHFTidl7OxlBbF4BQYmTM5+wgNjMAhYSU6/sZ4Sw5SWat85mBrFZBFQl9h15ARZnE9CUmH/p IFi9iICCxJUlG1lAFjALTGaSWN9/hBUkISxgI/HrxQqwIn4BYYlPdy+yghzEKRAo0f9ZAeKg NiaJ47dvMEMc4SKxfPdRdojjVCQ+/H4AZosKKEvcPPycfQKj4Cwkt85CcussJLcuYGRexSiQ WGasl5lcrJeWX1SSoZdetIkRHOSMvjsYb29+q3eIkYmD8RCjBAezkgiv8+8XcUK8KYmVValF +fFFpTmpxYcYpTlYlMR587iXxwoJpCeWpGanphakFsFkmTg4pRqYMmVKsrVfCJZure/K92j8 8nr7Xr0XzDO43eZ8m7FPI1ZdR9H/u2ebGK/446k7pt/SODwr1PH+H73VBfk3zjIv4rv548Pf OoM1R5dePSOpl89/u9h53jzLvQWCl2YYlbe/LVd4q54SP/3fmoJV5XseXfy0pqJ+2kf53Kq6 4LlFEivbMmqP7EhZZnhAWPHgnjkXIg7nuOz13nz7yZ6ICXerfG2kyy4sXpdT5V4sp/G4Qvq/ 3Fk3SbcDR6tFe2uuP7vZe2375eNfdTdzH49QiZrq5+HO8Zlb8MpLnXPPYzr6pzN3CXx84L7z xM25ctWiXDVe7w5G87AERUSvPLYovMTRXexH7/HzTG9r/7Aw89xYp8RSnJFoqMVcVJwIAHwp EdrhAgAA X-Greylist: inspected by milter-greylist-4.6.2 (mailgate-2.ics.forth.gr [139.91.1.5]); Wed, 17 Jun 2020 05:28:20 +0000 (GMT) for IP:'139.91.1.77' DOMAIN:'av3in' HELO:'av3.ics.forth.gr' FROM:'mick@ics.forth.gr' RCPT:'' X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mailgate-2.ics.forth.gr [139.91.1.5]); Wed, 17 Jun 2020 05:28:20 +0000 (GMT) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Στις 2020-06-17 04:56, Zong Li έγραψε: > On Tue, Jun 16, 2020 at 8:27 PM Nick Kossifidis > wrote: >> >> Στις 2020-06-16 10:45, Zong Li έγραψε: >> > Implement the 'devmem_is_allowed()' interface for RISC-V, like some of >> > other architectures have done. It will be called from >> > range_is_allowed() >> > when userpsace attempts to access /dev/mem. >> > >> > Access to exclusive IOMEM and kernel RAM is denied unless >> > CONFIG_STRICT_DEVMEM is set to 'n'. >> > >> > Test it by devmem, the result as follows: >> > >> > - CONFIG_STRICT_DEVMEM=y >> > $ devmem 0x10010000 >> > 0x00000000 >> > $ devmem 0x80200000 >> > 0x0000106F >> > >> > - CONFIG_STRICT_DEVMEM is not set >> > $ devmem 0x10010000 >> > devmem: mmap: Operation not permitted >> > $ devmem 0x80200000 >> > devmem: mmap: Operation not permitted >> > >> > Signed-off-by: Zong Li >> > --- >> > arch/riscv/Kconfig | 1 + >> > arch/riscv/include/asm/io.h | 2 ++ >> > arch/riscv/mm/init.c | 19 +++++++++++++++++++ >> > 3 files changed, 22 insertions(+) >> > >> > diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig >> > index 128192e14ff2..ffd7841ede4c 100644 >> > --- a/arch/riscv/Kconfig >> > +++ b/arch/riscv/Kconfig >> > @@ -16,6 +16,7 @@ config RISCV >> > select ARCH_HAS_BINFMT_FLAT >> > select ARCH_HAS_DEBUG_VIRTUAL if MMU >> > select ARCH_HAS_DEBUG_WX >> > + select ARCH_HAS_DEVMEM_IS_ALLOWED >> > select ARCH_HAS_GCOV_PROFILE_ALL >> > select ARCH_HAS_GIGANTIC_PAGE >> > select ARCH_HAS_MMIOWB >> > diff --git a/arch/riscv/include/asm/io.h b/arch/riscv/include/asm/io.h >> > index 3835c3295dc5..04ac65ab93ce 100644 >> > --- a/arch/riscv/include/asm/io.h >> > +++ b/arch/riscv/include/asm/io.h >> > @@ -147,4 +147,6 @@ __io_writes_outs(outs, u64, q, __io_pbr(), >> > __io_paw()) >> > >> > #include >> > >> > +extern int devmem_is_allowed(unsigned long pfn); >> > + >> > #endif /* _ASM_RISCV_IO_H */ >> > diff --git a/arch/riscv/mm/init.c b/arch/riscv/mm/init.c >> > index bbe816e03b2f..5e7e61519acc 100644 >> > --- a/arch/riscv/mm/init.c >> > +++ b/arch/riscv/mm/init.c >> > @@ -517,6 +517,25 @@ void mark_rodata_ro(void) >> > } >> > #endif >> > >> > +#ifdef CONFIG_STRICT_DEVMEM >> > +#include >> > +/* >> > + * devmem_is_allowed() checks to see if /dev/mem access to a certain >> > address >> > + * is valid. The argument is a physical page number. >> > + * >> > + * Disallow access to system RAM as well as device-exclusive MMIO >> > regions. >> > + * This effectively disable read()/write() on /dev/mem. >> > + */ >> > +int devmem_is_allowed(unsigned long pfn) >> > +{ >> > + if (iomem_is_exclusive(pfn << PAGE_SHIFT)) >> > + return 0; >> > + if (!page_is_ram(pfn)) >> > + return 1; >> > + return 0; >> > +} >> > +#endif >> > + >> > void __init resource_init(void) >> > { >> > struct memblock_region *region; >> >> This shouldn't be part of /mm/init.c, it has nothing to do with memory >> initialization, I suggest we move it to another file like mmap.c on > > Let me move it, thanks. > >> arm/arm64. Also before using iomem_is_exclusive we should probably >> also >> mark any reserved regions with the no-map attribute as busy|exclusive, >> reserved-memory regions are not necessarily part of the main memory so >> the page_is_ram check may pass and iomem_is_exclusive won't do any >> good. > > What do you think if we mark the reserved region in > kdump_resource_init, and change the kdump_resource_init to a more > generic name for initializing resources? Sounds good to me, I'll work on this within the week. Do you agree with marking the no-map reserved-memory regions as exclusive ?