[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240503075619.394467-2-mpe@ellerman.id.au>
Date: Fri, 3 May 2024 17:56:19 +1000
From: Michael Ellerman <mpe@...erman.id.au>
To: <linuxppc-dev@...ts.ozlabs.org>
Cc: <arnd@...db.de>,
naresh.kamboju@...aro.org,
<linux-kernel@...r.kernel.org>,
<nathan@...nel.org>
Subject: [PATCH v2 2/2] powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n
There is code that builds with calls to IO accessors even when
CONFIG_PCI=n, but the actual calls are guarded by runtime checks.
If not those calls would be faulting, because the page at virtual
address zero is (usually) not mapped into the kernel. As Arnd pointed
out, it is possible a large port value could cause the address to be
above mmap_min_addr which would then access userspace, which would be
a bug.
To avoid any such issues, set _IO_BASE to POISON_POINTER_DELTA. That
is a value chosen to point into unmapped space between the kernel and
userspace, so any access will always fault.
Note that on 32-bit POISON_POINTER_DELTA is 0, so the patch only has an
effect on 64-bit.
Signed-off-by: Michael Ellerman <mpe@...erman.id.au>
---
arch/powerpc/include/asm/io.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
v2: Patch unchanged, changelog updated to reflect patch 1.
diff --git a/arch/powerpc/include/asm/io.h b/arch/powerpc/include/asm/io.h
index ba2e13bb879d..048e3705af20 100644
--- a/arch/powerpc/include/asm/io.h
+++ b/arch/powerpc/include/asm/io.h
@@ -37,7 +37,7 @@ extern struct pci_dev *isa_bridge_pcidev;
* define properly based on the platform
*/
#ifndef CONFIG_PCI
-#define _IO_BASE 0
+#define _IO_BASE POISON_POINTER_DELTA
#define _ISA_MEM_BASE 0
#define PCI_DRAM_OFFSET 0
#elif defined(CONFIG_PPC32)
--
2.44.0
Powered by blists - more mailing lists