| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CABeCy1Y6ZO3igfRhdDQTSS0i2w9k2WTtJYwWUxuRT56UG9Zd8Q@mail.gmail.com>
Date: Mon, 1 Aug 2011 16:33:18 -0700
From: Venki Pallipadi <venki@...gle.com>
To: Michal Hocko <mhocko@...e.cz>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org,
"H. Peter Anvin" <hpa@...or.com>, Ingo Molnar <mingo@...e.hu>
Subject: Re: [PATCH resend] x86, PAT: honor CONFIG_STRICT_DEVMEM if pat is disabled
On Fri, Jul 22, 2011 at 2:01 AM, Michal Hocko <mhocko@...e.cz> wrote:
>
> since 0124cecf (x86, PAT: disable /dev/mem mmap RAM with PAT) we are
> disabling access to the system RAM as if STRICT_DEVMEM was enabled by
> default. If we, however, disable pat by nopat kernel parameter we can
> access that memory without considering CONFIG_STRICT_DEVMEM.
Looking at the code, I don't think this problem exists. Code in pat.c
disables /dev/mem mmap only when !CONFIG_STRICT_DEVMEM.
When CONFIG_STRICT_DEVMEM, irrespective of pat or nopat, code in mem.c
disables mmap access. The code in pat.c has no effect on whether mmap
is allowed or not.
When !CONFIG_STRICT_DEVMEM, mmap is disabled with pat. And on nopat
mmap is allowed with the check in pat.c:range_is_allowed() with the
change from commit 9e41bff2.
Thanks,
Venki
>
> Let's make the code to honor STRICT_DEVMEM while we still preserve
> disabled by default behavior. This means that the access to the system
> memory is granted only if nopat is provided and STRICT_DEVMEM is
> disabled.
>
> Signed-off-by: Michal Hocko <mhocko@...e.cz>
> ---
> arch/x86/mm/pat.c | 10 ++--------
> 1 files changed, 2 insertions(+), 8 deletions(-)
>
> diff --git a/arch/x86/mm/pat.c b/arch/x86/mm/pat.c
> index f6ff57b..fbaf3fc 100644
> --- a/arch/x86/mm/pat.c
> +++ b/arch/x86/mm/pat.c
> @@ -472,13 +472,6 @@ pgprot_t phys_mem_access_prot(struct file *file, unsigned long pfn,
> return vma_prot;
> }
>
> -#ifdef CONFIG_STRICT_DEVMEM
> -/* This check is done in drivers/char/mem.c in case of STRICT_DEVMEM*/
> -static inline int range_is_allowed(unsigned long pfn, unsigned long size)
> -{
> - return 1;
> -}
> -#else
> /* This check is needed to avoid cache aliasing when PAT is enabled */
> static inline int range_is_allowed(unsigned long pfn, unsigned long size)
> {
> @@ -486,8 +479,10 @@ static inline int range_is_allowed(unsigned long pfn, unsigned long size)
> u64 to = from + size;
> u64 cursor = from;
>
> +#ifndef CONFIG_STRICT_DEVMEM
> if (!pat_enabled)
> return 1;
> +#endif
>
> while (cursor < to) {
> if (!devmem_is_allowed(pfn)) {
> @@ -501,7 +496,6 @@ static inline int range_is_allowed(unsigned long pfn, unsigned long size)
> }
> return 1;
> }
> -#endif /* CONFIG_STRICT_DEVMEM */
>
> int phys_mem_access_prot_allowed(struct file *file, unsigned long pfn,
> unsigned long size, pgprot_t *vma_prot)
> --
> 1.7.5.4
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists