aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChristoph Hellwig <hch@infradead.org>2006-11-20 12:45:05 -0500
committerPaul Mackerras <paulus@samba.org>2006-12-04 04:39:57 -0500
commit5c3ecd659bd20cda214a402a3132c790cc886cd2 (patch)
treec95d77196c6ce5e9acc20d7ac2ff42cf18668b46
parent2ebb2477f9a61b436dd22b75189857df1a77e585 (diff)
[POWERPC] spufs: Avoid user-triggered oops in ptrace
When one of the spufs files is mapped into a process address space, regular users can use ptrace to attempt accessing them with access_process_vm(). With the way that the mappings currently work, this likely causes an oops. Setting the vm_flags to VM_IO makes sure that ptrace can not access them but returns an error code. This is not the perfect solution in case of the local store mapping, but it fixes the oops in a well-defined way. Also remove leftover VM_RESERVED flags in spufs. The VM_RESERVED flag is on it's way out and not checked by the memory managment code anymore. Signed-off-by: Arnd Bergmann <arnd.bergmann@de.ibm.com> Signed-off-by: Christoph Hellwig <chellwig@de.ibm.com> Signed-off-by: Paul Mackerras <paulus@samba.org>
-rw-r--r--arch/powerpc/platforms/cell/spufs/file.c15
1 files changed, 7 insertions, 8 deletions
diff --git a/arch/powerpc/platforms/cell/spufs/file.c b/arch/powerpc/platforms/cell/spufs/file.c
index c0cf9ee4d45f..55d7e0f4bb3b 100644
--- a/arch/powerpc/platforms/cell/spufs/file.c
+++ b/arch/powerpc/platforms/cell/spufs/file.c
@@ -132,7 +132,7 @@ spufs_mem_mmap(struct file *file, struct vm_area_struct *vma)
132 if (!(vma->vm_flags & VM_SHARED)) 132 if (!(vma->vm_flags & VM_SHARED))
133 return -EINVAL; 133 return -EINVAL;
134 134
135 /* FIXME: */ 135 vma->vm_flags |= VM_IO;
136 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot) 136 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot)
137 | _PAGE_NO_CACHE); 137 | _PAGE_NO_CACHE);
138 138
@@ -201,7 +201,7 @@ static int spufs_cntl_mmap(struct file *file, struct vm_area_struct *vma)
201 if (!(vma->vm_flags & VM_SHARED)) 201 if (!(vma->vm_flags & VM_SHARED))
202 return -EINVAL; 202 return -EINVAL;
203 203
204 vma->vm_flags |= VM_RESERVED; 204 vma->vm_flags |= VM_IO;
205 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot) 205 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot)
206 | _PAGE_NO_CACHE | _PAGE_GUARDED); 206 | _PAGE_NO_CACHE | _PAGE_GUARDED);
207 207
@@ -791,7 +791,7 @@ static int spufs_signal1_mmap(struct file *file, struct vm_area_struct *vma)
791 if (!(vma->vm_flags & VM_SHARED)) 791 if (!(vma->vm_flags & VM_SHARED))
792 return -EINVAL; 792 return -EINVAL;
793 793
794 vma->vm_flags |= VM_RESERVED; 794 vma->vm_flags |= VM_IO;
795 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot) 795 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot)
796 | _PAGE_NO_CACHE | _PAGE_GUARDED); 796 | _PAGE_NO_CACHE | _PAGE_GUARDED);
797 797
@@ -889,8 +889,7 @@ static int spufs_signal2_mmap(struct file *file, struct vm_area_struct *vma)
889 if (!(vma->vm_flags & VM_SHARED)) 889 if (!(vma->vm_flags & VM_SHARED))
890 return -EINVAL; 890 return -EINVAL;
891 891
892 /* FIXME: */ 892 vma->vm_flags |= VM_IO;
893 vma->vm_flags |= VM_RESERVED;
894 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot) 893 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot)
895 | _PAGE_NO_CACHE | _PAGE_GUARDED); 894 | _PAGE_NO_CACHE | _PAGE_GUARDED);
896 895
@@ -973,7 +972,7 @@ static int spufs_mss_mmap(struct file *file, struct vm_area_struct *vma)
973 if (!(vma->vm_flags & VM_SHARED)) 972 if (!(vma->vm_flags & VM_SHARED))
974 return -EINVAL; 973 return -EINVAL;
975 974
976 vma->vm_flags |= VM_RESERVED; 975 vma->vm_flags |= VM_IO;
977 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot) 976 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot)
978 | _PAGE_NO_CACHE | _PAGE_GUARDED); 977 | _PAGE_NO_CACHE | _PAGE_GUARDED);
979 978
@@ -1015,7 +1014,7 @@ static int spufs_psmap_mmap(struct file *file, struct vm_area_struct *vma)
1015 if (!(vma->vm_flags & VM_SHARED)) 1014 if (!(vma->vm_flags & VM_SHARED))
1016 return -EINVAL; 1015 return -EINVAL;
1017 1016
1018 vma->vm_flags |= VM_RESERVED; 1017 vma->vm_flags |= VM_IO;
1019 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot) 1018 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot)
1020 | _PAGE_NO_CACHE | _PAGE_GUARDED); 1019 | _PAGE_NO_CACHE | _PAGE_GUARDED);
1021 1020
@@ -1056,7 +1055,7 @@ static int spufs_mfc_mmap(struct file *file, struct vm_area_struct *vma)
1056 if (!(vma->vm_flags & VM_SHARED)) 1055 if (!(vma->vm_flags & VM_SHARED))
1057 return -EINVAL; 1056 return -EINVAL;
1058 1057
1059 vma->vm_flags |= VM_RESERVED; 1058 vma->vm_flags |= VM_IO;
1060 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot) 1059 vma->vm_page_prot = __pgprot(pgprot_val(vma->vm_page_prot)
1061 | _PAGE_NO_CACHE | _PAGE_GUARDED); 1060 | _PAGE_NO_CACHE | _PAGE_GUARDED);
1062 1061