Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp1695857ybt; Thu, 9 Jul 2020 13:09:27 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzPZAoLO21W7lTWkPOcpyHmePgoFOJ1+uzSaIY9nPQsrQy+udSWXq2jSR7dO8WFQ+gf969V X-Received: by 2002:a05:6402:cb9:: with SMTP id cn25mr63008203edb.247.1594325367638; Thu, 09 Jul 2020 13:09:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594325367; cv=none; d=google.com; s=arc-20160816; b=rOZ5vBmGFLFxf8BFzfv8Foigz7IcnPEMObHeT8BkMxTjPRxnzVyoRcSJ2m4pTyrn5C sDwtGDZPUVDwsD7uzo65wHHWSwPkAZcxCFM4d/PrnxDucwct1/k/NcvIKPXJwFHCT1oG 4s06kT724Q3/QdQuM6HCTGT83hD52zkmiFp68ARjZYr3wfoNCdJq7PtV7mlPCdniRcM6 u7bbauDEm/GOoITPXuqaZ2sg/10BxHdNh/4MiosPozn7zevBR2CLXWzZP8PdA7FpxgIX TkQO97QC9smFyx00DtIjjIEeOxTk0Wfxf+0mzZYBi1aTTm8qrkbW/5dBLCGM6njmw1mf UGbw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:to:from:cc:in-reply-to:subject:date:dkim-signature; bh=pLBedoQfpK2DgMyeYFLuVKUfBSYZwpag97/6iT786IQ=; b=RvlWxBk4ra0rRIHI8BA3iLIbHlQs1LuBj4KGyxyAtqWTly3Vl8J1g6/YaXcLweITgL 45O/WZYwWx1omeLAoambB/cuOyAWqiz5A6SubWx0zDy8qFRDjw0oSiFZavtZFPpGKZrd 0PFg0Dha1fs4jWKK+YbasBEt9+VmYq0IPh+925+DucgDomvTn+Q2mv269Hj+vVFgjo4o ZyZF4lghmLCD4lEWAMzJeuFk1XgtuNX3HI6YgNjFdXVBtUaz2gX98h/8Uoav6YO5Tztm Zqh+K5u9inJFRryTh4dULLbVnLvNpF29PVYdwilhoTPLB3oZyUmf2LoTuW+7TNDwmznC 5RfA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@dabbelt-com.20150623.gappssmtp.com header.s=20150623 header.b=bpm55zll; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w13si2171397ejj.564.2020.07.09.13.09.04; Thu, 09 Jul 2020 13:09:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@dabbelt-com.20150623.gappssmtp.com header.s=20150623 header.b=bpm55zll; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726361AbgGIUIL (ORCPT + 99 others); Thu, 9 Jul 2020 16:08:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43012 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726196AbgGIUIL (ORCPT ); Thu, 9 Jul 2020 16:08:11 -0400 Received: from mail-pg1-x543.google.com (mail-pg1-x543.google.com [IPv6:2607:f8b0:4864:20::543]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7380CC08C5CE for ; Thu, 9 Jul 2020 13:08:11 -0700 (PDT) Received: by mail-pg1-x543.google.com with SMTP id j19so1430596pgm.11 for ; Thu, 09 Jul 2020 13:08:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dabbelt-com.20150623.gappssmtp.com; s=20150623; h=date:subject:in-reply-to:cc:from:to:message-id:mime-version :content-transfer-encoding; bh=pLBedoQfpK2DgMyeYFLuVKUfBSYZwpag97/6iT786IQ=; b=bpm55zllAw8nlwKFmlpsqohQxm+EGW1RynZKF6buhnF4wFWwIploavQVBhMNxTThgZ pPIXgo28wYGMXRTU+PACEPxc+h26RmY8IWB+OHozzHXYyhBiF1S7hDaudJ04X41mqHli liIixSh/td8GVnVZNWIXKRxB5ag9lLKr2aWWAZsW+qbiQKT+s+lxPq1boL27HeCEjFzh vVvOZodoVauBt2UCj1TCW2+4bqGEDwtbNv7Gy/okhNRVvEe4prOUZm8sKf274iuMS/+Y fs0GYwPVAMwzla5KWSAK5Q2E45oh8HWiJpEpt5FffbTzC4otOb2Qu4h1ixxJZMG3Zh1w dL8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:subject:in-reply-to:cc:from:to:message-id :mime-version:content-transfer-encoding; bh=pLBedoQfpK2DgMyeYFLuVKUfBSYZwpag97/6iT786IQ=; b=UtnHYCKCqzr/7T++tBR0KVvRQIuHry6Ej1Q/Zbno9ZRve1GH0gZ/K0650E3V32f+JL fTmZ9riXu4CgDOdiwU95EeVkDnfQsH5jM0OoSDJ/KucgFfWwpyV6KrUfYYdQBZGgecSi 214lLwaR85jqp+OYxCnStRAjqAj9cXAwpN3ajbmVVjWZM7JfPPPz9fTIjixxmEuK5I2U Jbu48hJvjvyT0G4r3STgyd2f2FjEHzsAODvI1lp0ztq0DvtnAOATW9hSyhwOB0beitiZ IzV3O1YtAzBfi2ct7GfymAIi5Nfmow9rIU13f280sk6KAEmjiBzgh5enOhV57eUSleWt ddlg== X-Gm-Message-State: AOAM531iO5p/2Yt5gJgtuDClqSiqXCOifOr1Ru1joDTH7MoQ2kBlgjy+ oNPGPWokyWd385DLT85qlqXisVnkHTcsHw== X-Received: by 2002:a05:6a00:2bb:: with SMTP id q27mr58904437pfs.176.1594325290692; Thu, 09 Jul 2020 13:08:10 -0700 (PDT) Received: from localhost (76-210-143-223.lightspeed.sntcca.sbcglobal.net. [76.210.143.223]) by smtp.gmail.com with ESMTPSA id b18sm3467144pju.10.2020.07.09.13.08.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 09 Jul 2020 13:08:10 -0700 (PDT) Date: Thu, 09 Jul 2020 13:08:10 -0700 (PDT) X-Google-Original-Date: Thu, 09 Jul 2020 12:31:05 PDT (-0700) Subject: Re: [PATCH 2/2] riscv: Support CONFIG_STRICT_DEVMEM In-Reply-To: <7faa60aa4a606b5c5c1ae374d82a7eee6c764b38.1592292685.git.zong.li@sifive.com> CC: Paul Walmsley , linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, zong.li@sifive.com From: Palmer Dabbelt To: zong.li@sifive.com Message-ID: Mime-Version: 1.0 (MHng) Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 16 Jun 2020 00:45:47 PDT (-0700), zong.li@sifive.com wrote: > Implement the 'devmem_is_allowed()' interface for RISC-V, like some of > other architectures have done. It will be called from range_is_allowed() > when userpsace attempts to access /dev/mem. In fact, it's exactly the same (down to a few words of the comment) to the others that I checked. I'm going to put a generic version in lib/ instead, I've sent out the patches. > Access to exclusive IOMEM and kernel RAM is denied unless > CONFIG_STRICT_DEVMEM is set to 'n'. > > Test it by devmem, the result as follows: > > - CONFIG_STRICT_DEVMEM=y > $ devmem 0x10010000 > 0x00000000 > $ devmem 0x80200000 > 0x0000106F > > - CONFIG_STRICT_DEVMEM is not set > $ devmem 0x10010000 > devmem: mmap: Operation not permitted > $ devmem 0x80200000 > devmem: mmap: Operation not permitted > > Signed-off-by: Zong Li > --- > arch/riscv/Kconfig | 1 + > arch/riscv/include/asm/io.h | 2 ++ > arch/riscv/mm/init.c | 19 +++++++++++++++++++ > 3 files changed, 22 insertions(+) > > diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig > index 128192e14ff2..ffd7841ede4c 100644 > --- a/arch/riscv/Kconfig > +++ b/arch/riscv/Kconfig > @@ -16,6 +16,7 @@ config RISCV > select ARCH_HAS_BINFMT_FLAT > select ARCH_HAS_DEBUG_VIRTUAL if MMU > select ARCH_HAS_DEBUG_WX > + select ARCH_HAS_DEVMEM_IS_ALLOWED > select ARCH_HAS_GCOV_PROFILE_ALL > select ARCH_HAS_GIGANTIC_PAGE > select ARCH_HAS_MMIOWB > diff --git a/arch/riscv/include/asm/io.h b/arch/riscv/include/asm/io.h > index 3835c3295dc5..04ac65ab93ce 100644 > --- a/arch/riscv/include/asm/io.h > +++ b/arch/riscv/include/asm/io.h > @@ -147,4 +147,6 @@ __io_writes_outs(outs, u64, q, __io_pbr(), __io_paw()) > > #include > > +extern int devmem_is_allowed(unsigned long pfn); > + > #endif /* _ASM_RISCV_IO_H */ > diff --git a/arch/riscv/mm/init.c b/arch/riscv/mm/init.c > index bbe816e03b2f..5e7e61519acc 100644 > --- a/arch/riscv/mm/init.c > +++ b/arch/riscv/mm/init.c > @@ -517,6 +517,25 @@ void mark_rodata_ro(void) > } > #endif > > +#ifdef CONFIG_STRICT_DEVMEM > +#include > +/* > + * devmem_is_allowed() checks to see if /dev/mem access to a certain address > + * is valid. The argument is a physical page number. > + * > + * Disallow access to system RAM as well as device-exclusive MMIO regions. > + * This effectively disable read()/write() on /dev/mem. > + */ > +int devmem_is_allowed(unsigned long pfn) > +{ > + if (iomem_is_exclusive(pfn << PAGE_SHIFT)) > + return 0; > + if (!page_is_ram(pfn)) > + return 1; > + return 0; > +} > +#endif > + > void __init resource_init(void) > { > struct memblock_region *region;