On Mon, Jan 31, 2011 at 2:25 PM, Josh Boyer <jwbo...@gmail.com> wrote: > On Mon, Jan 31, 2011 at 2:16 PM, Steve Best <sfb...@us.ibm.com> wrote: >> Provide devmem_is_allowed() routine to restrict access to kernel >> memory from userspace. >> Set CONFIG_STRICT_DEVMEM config option to switch on checking. >> >> Signed-off-by: Steve Best <sfb...@us.ibm.com> >> >> diff --git a/arch/powerpc/Kconfig.debug b/arch/powerpc/Kconfig.debug >> index 2d38a50..6805d5d 100644 >> --- a/arch/powerpc/Kconfig.debug >> +++ b/arch/powerpc/Kconfig.debug >> @@ -299,4 +299,16 @@ config PPC_EARLY_DEBUG_CPM_ADDR >> platform probing is done, all platforms selected must >> share the same address. >> >> +config STRICT_DEVMEM >> + def_bool y >> + prompt "Filter access to /dev/mem" >> + ---help--- >> + This option restricts access to /dev/mem. If this option is >> + disabled, you allow userspace access to all memory, including >> + kernel and userspace memory. Accidental memory access is likely >> + to be disastrous. >> + Memory access is required for experts who want to debug the >> kernel. >> + >> + If you are unsure, say Y. >> + >> endmenu >> diff --git a/arch/powerpc/include/asm/page.h >> b/arch/powerpc/include/asm/page.h >> index 53b64be..f225032 100644 >> --- a/arch/powerpc/include/asm/page.h >> +++ b/arch/powerpc/include/asm/page.h >> @@ -262,6 +262,11 @@ extern void copy_user_page(void *to, void *from, >> unsigned long vaddr, >> struct page *p); >> extern int page_is_ram(unsigned long pfn); >> >> +static inline int devmem_is_allowed(unsigned long pfn) >> +{ >> + return 0; >> +} >> + > > Er, should this be toggled via CONFIG_STRICT_DEVMEM somehow? Or I > guess I'm missing why the config option had to be added if not.
Nevermind. I see that it's done in the drivers/char/mem.c file. Should have looked more first. josh _______________________________________________ Linuxppc-dev mailing list Linuxppc-dev@lists.ozlabs.org https://lists.ozlabs.org/listinfo/linuxppc-dev