diff options
author | Arjan van de Ven <arjan@linux.intel.com> | 2008-04-29 03:58:34 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-29 11:05:59 -0400 |
commit | b781ecb6a379f155568ef7093e38c6c1d857fe53 (patch) | |
tree | eeba2401cfd0345647f3a8feec3a76d6be5dd3aa /drivers/char | |
parent | 0cddc0a906ee3e47ce3e09107d385ff89f87cd6d (diff) |
make /dev/kmem a config option
Make /dev/kmem a config option; /dev/kmem is VERY rarely used, and when
used, it's generally for no good (rootkits tend to be the most common
users). With this config option, users have the choice to disable
/dev/kmem, saving some size as well.
A patch to disable /dev/kmem has been in the Fedora and RHEL kernels for
4+ years now without any known problems or legit users of /dev/kmem.
[akpm@linux-foundation.org: make CONFIG_DEVKMEM default to y]
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'drivers/char')
-rw-r--r-- | drivers/char/Kconfig | 9 | ||||
-rw-r--r-- | drivers/char/mem.c | 10 |
2 files changed, 19 insertions, 0 deletions
diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig index 929d4fa73fd9..5dce3877eee5 100644 --- a/drivers/char/Kconfig +++ b/drivers/char/Kconfig | |||
@@ -80,6 +80,15 @@ config VT_HW_CONSOLE_BINDING | |||
80 | information. For framebuffer console users, please refer to | 80 | information. For framebuffer console users, please refer to |
81 | <file:Documentation/fb/fbcon.txt>. | 81 | <file:Documentation/fb/fbcon.txt>. |
82 | 82 | ||
83 | config DEVKMEM | ||
84 | bool "/dev/kmem virtual device support" | ||
85 | default y | ||
86 | help | ||
87 | Say Y here if you want to support the /dev/kmem device. The | ||
88 | /dev/kmem device is rarely used, but can be used for certain | ||
89 | kind of kernel debugging operations. | ||
90 | When in doubt, say "N". | ||
91 | |||
83 | config SERIAL_NONSTANDARD | 92 | config SERIAL_NONSTANDARD |
84 | bool "Non-standard serial port support" | 93 | bool "Non-standard serial port support" |
85 | depends on HAS_IOMEM | 94 | depends on HAS_IOMEM |
diff --git a/drivers/char/mem.c b/drivers/char/mem.c index e83623ead441..934ffafedaea 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c | |||
@@ -364,6 +364,7 @@ static int mmap_mem(struct file * file, struct vm_area_struct * vma) | |||
364 | return 0; | 364 | return 0; |
365 | } | 365 | } |
366 | 366 | ||
367 | #ifdef CONFIG_DEVKMEM | ||
367 | static int mmap_kmem(struct file * file, struct vm_area_struct * vma) | 368 | static int mmap_kmem(struct file * file, struct vm_area_struct * vma) |
368 | { | 369 | { |
369 | unsigned long pfn; | 370 | unsigned long pfn; |
@@ -384,6 +385,7 @@ static int mmap_kmem(struct file * file, struct vm_area_struct * vma) | |||
384 | vma->vm_pgoff = pfn; | 385 | vma->vm_pgoff = pfn; |
385 | return mmap_mem(file, vma); | 386 | return mmap_mem(file, vma); |
386 | } | 387 | } |
388 | #endif | ||
387 | 389 | ||
388 | #ifdef CONFIG_CRASH_DUMP | 390 | #ifdef CONFIG_CRASH_DUMP |
389 | /* | 391 | /* |
@@ -422,6 +424,7 @@ static ssize_t read_oldmem(struct file *file, char __user *buf, | |||
422 | extern long vread(char *buf, char *addr, unsigned long count); | 424 | extern long vread(char *buf, char *addr, unsigned long count); |
423 | extern long vwrite(char *buf, char *addr, unsigned long count); | 425 | extern long vwrite(char *buf, char *addr, unsigned long count); |
424 | 426 | ||
427 | #ifdef CONFIG_DEVKMEM | ||
425 | /* | 428 | /* |
426 | * This function reads the *virtual* memory as seen by the kernel. | 429 | * This function reads the *virtual* memory as seen by the kernel. |
427 | */ | 430 | */ |
@@ -626,6 +629,7 @@ static ssize_t write_kmem(struct file * file, const char __user * buf, | |||
626 | *ppos = p; | 629 | *ppos = p; |
627 | return virtr + wrote; | 630 | return virtr + wrote; |
628 | } | 631 | } |
632 | #endif | ||
629 | 633 | ||
630 | #ifdef CONFIG_DEVPORT | 634 | #ifdef CONFIG_DEVPORT |
631 | static ssize_t read_port(struct file * file, char __user * buf, | 635 | static ssize_t read_port(struct file * file, char __user * buf, |
@@ -803,6 +807,7 @@ static const struct file_operations mem_fops = { | |||
803 | .get_unmapped_area = get_unmapped_area_mem, | 807 | .get_unmapped_area = get_unmapped_area_mem, |
804 | }; | 808 | }; |
805 | 809 | ||
810 | #ifdef CONFIG_DEVKMEM | ||
806 | static const struct file_operations kmem_fops = { | 811 | static const struct file_operations kmem_fops = { |
807 | .llseek = memory_lseek, | 812 | .llseek = memory_lseek, |
808 | .read = read_kmem, | 813 | .read = read_kmem, |
@@ -811,6 +816,7 @@ static const struct file_operations kmem_fops = { | |||
811 | .open = open_kmem, | 816 | .open = open_kmem, |
812 | .get_unmapped_area = get_unmapped_area_mem, | 817 | .get_unmapped_area = get_unmapped_area_mem, |
813 | }; | 818 | }; |
819 | #endif | ||
814 | 820 | ||
815 | static const struct file_operations null_fops = { | 821 | static const struct file_operations null_fops = { |
816 | .llseek = null_lseek, | 822 | .llseek = null_lseek, |
@@ -889,11 +895,13 @@ static int memory_open(struct inode * inode, struct file * filp) | |||
889 | filp->f_mapping->backing_dev_info = | 895 | filp->f_mapping->backing_dev_info = |
890 | &directly_mappable_cdev_bdi; | 896 | &directly_mappable_cdev_bdi; |
891 | break; | 897 | break; |
898 | #ifdef CONFIG_DEVKMEM | ||
892 | case 2: | 899 | case 2: |
893 | filp->f_op = &kmem_fops; | 900 | filp->f_op = &kmem_fops; |
894 | filp->f_mapping->backing_dev_info = | 901 | filp->f_mapping->backing_dev_info = |
895 | &directly_mappable_cdev_bdi; | 902 | &directly_mappable_cdev_bdi; |
896 | break; | 903 | break; |
904 | #endif | ||
897 | case 3: | 905 | case 3: |
898 | filp->f_op = &null_fops; | 906 | filp->f_op = &null_fops; |
899 | break; | 907 | break; |
@@ -942,7 +950,9 @@ static const struct { | |||
942 | const struct file_operations *fops; | 950 | const struct file_operations *fops; |
943 | } devlist[] = { /* list of minor devices */ | 951 | } devlist[] = { /* list of minor devices */ |
944 | {1, "mem", S_IRUSR | S_IWUSR | S_IRGRP, &mem_fops}, | 952 | {1, "mem", S_IRUSR | S_IWUSR | S_IRGRP, &mem_fops}, |
953 | #ifdef CONFIG_DEVKMEM | ||
945 | {2, "kmem", S_IRUSR | S_IWUSR | S_IRGRP, &kmem_fops}, | 954 | {2, "kmem", S_IRUSR | S_IWUSR | S_IRGRP, &kmem_fops}, |
955 | #endif | ||
946 | {3, "null", S_IRUGO | S_IWUGO, &null_fops}, | 956 | {3, "null", S_IRUGO | S_IWUGO, &null_fops}, |
947 | #ifdef CONFIG_DEVPORT | 957 | #ifdef CONFIG_DEVPORT |
948 | {4, "port", S_IRUSR | S_IWUSR | S_IRGRP, &port_fops}, | 958 | {4, "port", S_IRUSR | S_IWUSR | S_IRGRP, &port_fops}, |