lib: Add a generic version of devmem_is_allowed()

As part of adding support for STRICT_DEVMEM to the RISC-V port, Zong provided a devmem_is_allowed() implementation that's exactly the same as all the others I checked. Instead I'm adding a generic version, which will soon be used. Reviewed-by: Luis Chamberlain <mcgrof@kernel.org> Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>
2024-11-11 06:31:49 +00:00 · 2020-07-09 11:43:21 -07:00 · 2020-07-09 11:43:21 -07:00 · 527701eda5
commit 527701eda5
parent bbf5c97901
5 changed files with 37 additions and 1 deletions
--- a/include/asm-generic/io.h
+++ b/include/asm-generic/io.h
@ -1122,6 +1122,10 @@ static inline void memcpy_toio(volatile void __iomem *addr, const void *buffer,
 }
 #endif

+#ifndef CONFIG_GENERIC_DEVMEM_IS_ALLOWED
+extern int devmem_is_allowed(unsigned long pfn);
+#endif
+
 #endif /* __KERNEL__ */

 #endif /* __ASM_GENERIC_IO_H */
--- a/lib/Kconfig
+++ b/lib/Kconfig
@ -681,6 +681,9 @@ config GENERIC_LIB_CMPDI2
 config GENERIC_LIB_UCMPDI2
 	bool

+config GENERIC_LIB_DEVMEM_IS_ALLOWED
+	bool
+
 config PLDMFW
 	bool
 	default n
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@ -1626,7 +1626,7 @@ config ARCH_HAS_DEVMEM_IS_ALLOWED
 config STRICT_DEVMEM
 	bool "Filter access to /dev/mem"
 	depends on MMU && DEVMEM
-	depends on ARCH_HAS_DEVMEM_IS_ALLOWED
+	depends on ARCH_HAS_DEVMEM_IS_ALLOWED || GENERIC_LIB_DEVMEM_IS_ALLOWED
 	default y if PPC || X86 || ARM64
 	help
 	  If this option is disabled, you allow userspace (root) access to all
--- a/lib/Makefile
+++ b/lib/Makefile
@ -348,3 +348,5 @@ obj-$(CONFIG_PLDMFW) += pldmfw/
 obj-$(CONFIG_LIST_KUNIT_TEST) += list-test.o
 obj-$(CONFIG_LINEAR_RANGES_TEST) += test_linear_ranges.o
 obj-$(CONFIG_BITS_TEST) += test_bits.o
+
+obj-$(CONFIG_GENERIC_LIB_DEVMEM_IS_ALLOWED) += devmem_is_allowed.o
--- a/lib/devmem_is_allowed.c
+++ b/lib/devmem_is_allowed.c
@ -0,0 +1,27 @@
+// SPDX-License-Identifier: GPL-2.0-only
+/*
+ * A generic version of devmem_is_allowed.
+ *
+ * Based on arch/arm64/mm/mmap.c
+ *
+ * Copyright (C) 2020 Google, Inc.
+ * Copyright (C) 2012 ARM Ltd.
+ */
+
+#include <linux/mm.h>
+#include <linux/ioport.h>
+
+/*
+ * devmem_is_allowed() checks to see if /dev/mem access to a certain address
+ * is valid. The argument is a physical page number.  We mimic x86 here by
+ * disallowing access to system RAM as well as device-exclusive MMIO regions.
+ * This effectively disable read()/write() on /dev/mem.
+ */
+int devmem_is_allowed(unsigned long pfn)
+{
+	if (iomem_is_exclusive(pfn << PAGE_SHIFT))
+		return 0;
+	if (!page_is_ram(pfn))
+		return 1;
+	return 0;
+}