diff options
-rw-r--r-- | arch/x86/Kconfig.debug | 9 | ||||
-rw-r--r-- | arch/x86/configs/i386_defconfig | 2 | ||||
-rw-r--r-- | arch/x86/configs/x86_64_defconfig | 2 | ||||
-rw-r--r-- | arch/x86/mm/pat.c | 6 | ||||
-rw-r--r-- | drivers/char/mem.c | 2 |
5 files changed, 11 insertions, 10 deletions
diff --git a/arch/x86/Kconfig.debug b/arch/x86/Kconfig.debug index f0cf5d990794..51c821477951 100644 --- a/arch/x86/Kconfig.debug +++ b/arch/x86/Kconfig.debug | |||
@@ -5,14 +5,15 @@ config TRACE_IRQFLAGS_SUPPORT | |||
5 | 5 | ||
6 | source "lib/Kconfig.debug" | 6 | source "lib/Kconfig.debug" |
7 | 7 | ||
8 | config PROMISC_DEVMEM | 8 | config STRICT_DEVMEM |
9 | bool "Allow unlimited access to /dev/mem" | 9 | bool "Filter access to /dev/mem" |
10 | default y | ||
11 | help | 10 | help |
12 | If this option is left on, you allow userspace (root) access to all | 11 | If this option is left on, you allow userspace (root) access to all |
13 | of memory, including kernel and userspace memory. Accidental | 12 | of memory, including kernel and userspace memory. Accidental |
14 | access to this is obviously disastrous, but specific access can | 13 | access to this is obviously disastrous, but specific access can |
15 | be used by people debugging the kernel. | 14 | be used by people debugging the kernel. Note that with PAT support |
15 | enabled, even in this case there are restrictions on /dev/mem | ||
16 | use due to the cache aliasing requirements. | ||
16 | 17 | ||
17 | If this option is switched on, the /dev/mem file only allows | 18 | If this option is switched on, the /dev/mem file only allows |
18 | userspace access to PCI space and the BIOS code and data regions. | 19 | userspace access to PCI space and the BIOS code and data regions. |
diff --git a/arch/x86/configs/i386_defconfig b/arch/x86/configs/i386_defconfig index 9bc34e2033ec..4d73f53287b6 100644 --- a/arch/x86/configs/i386_defconfig +++ b/arch/x86/configs/i386_defconfig | |||
@@ -2047,7 +2047,7 @@ CONFIG_PROVIDE_OHCI1394_DMA_INIT=y | |||
2047 | # CONFIG_SAMPLES is not set | 2047 | # CONFIG_SAMPLES is not set |
2048 | # CONFIG_KGDB is not set | 2048 | # CONFIG_KGDB is not set |
2049 | CONFIG_HAVE_ARCH_KGDB=y | 2049 | CONFIG_HAVE_ARCH_KGDB=y |
2050 | # CONFIG_NONPROMISC_DEVMEM is not set | 2050 | # CONFIG_STRICT_DEVMEM is not set |
2051 | CONFIG_EARLY_PRINTK=y | 2051 | CONFIG_EARLY_PRINTK=y |
2052 | CONFIG_DEBUG_STACKOVERFLOW=y | 2052 | CONFIG_DEBUG_STACKOVERFLOW=y |
2053 | CONFIG_DEBUG_STACK_USAGE=y | 2053 | CONFIG_DEBUG_STACK_USAGE=y |
diff --git a/arch/x86/configs/x86_64_defconfig b/arch/x86/configs/x86_64_defconfig index ae5124e064d4..a40452429625 100644 --- a/arch/x86/configs/x86_64_defconfig +++ b/arch/x86/configs/x86_64_defconfig | |||
@@ -2012,7 +2012,7 @@ CONFIG_PROVIDE_OHCI1394_DMA_INIT=y | |||
2012 | # CONFIG_SAMPLES is not set | 2012 | # CONFIG_SAMPLES is not set |
2013 | # CONFIG_KGDB is not set | 2013 | # CONFIG_KGDB is not set |
2014 | CONFIG_HAVE_ARCH_KGDB=y | 2014 | CONFIG_HAVE_ARCH_KGDB=y |
2015 | # CONFIG_NONPROMISC_DEVMEM is not set | 2015 | # CONFIG_STRICT_DEVMEM is not set |
2016 | CONFIG_EARLY_PRINTK=y | 2016 | CONFIG_EARLY_PRINTK=y |
2017 | CONFIG_DEBUG_STACKOVERFLOW=y | 2017 | CONFIG_DEBUG_STACKOVERFLOW=y |
2018 | CONFIG_DEBUG_STACK_USAGE=y | 2018 | CONFIG_DEBUG_STACK_USAGE=y |
diff --git a/arch/x86/mm/pat.c b/arch/x86/mm/pat.c index c34dc483839c..6bb597f4d701 100644 --- a/arch/x86/mm/pat.c +++ b/arch/x86/mm/pat.c | |||
@@ -373,8 +373,8 @@ pgprot_t phys_mem_access_prot(struct file *file, unsigned long pfn, | |||
373 | return vma_prot; | 373 | return vma_prot; |
374 | } | 374 | } |
375 | 375 | ||
376 | #ifndef CONFIG_PROMISC_DEVMEM | 376 | #ifdef CONFIG_STRICT_DEVMEM |
377 | /* This check is done in drivers/char/mem.c in case of !PROMISC_DEVMEM*/ | 377 | /* This check is done in drivers/char/mem.c in case of STRICT_DEVMEM*/ |
378 | static inline int range_is_allowed(unsigned long pfn, unsigned long size) | 378 | static inline int range_is_allowed(unsigned long pfn, unsigned long size) |
379 | { | 379 | { |
380 | return 1; | 380 | return 1; |
@@ -398,7 +398,7 @@ static inline int range_is_allowed(unsigned long pfn, unsigned long size) | |||
398 | } | 398 | } |
399 | return 1; | 399 | return 1; |
400 | } | 400 | } |
401 | #endif /* CONFIG_PROMISC_DEVMEM */ | 401 | #endif /* CONFIG_STRICT_DEVMEM */ |
402 | 402 | ||
403 | int phys_mem_access_prot_allowed(struct file *file, unsigned long pfn, | 403 | int phys_mem_access_prot_allowed(struct file *file, unsigned long pfn, |
404 | unsigned long size, pgprot_t *vma_prot) | 404 | unsigned long size, pgprot_t *vma_prot) |
diff --git a/drivers/char/mem.c b/drivers/char/mem.c index de05775bd687..b6772d657547 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c | |||
@@ -80,7 +80,7 @@ static inline int valid_mmap_phys_addr_range(unsigned long pfn, size_t size) | |||
80 | } | 80 | } |
81 | #endif | 81 | #endif |
82 | 82 | ||
83 | #ifndef CONFIG_PROMISC_DEVMEM | 83 | #ifdef CONFIG_STRICT_DEVMEM |
84 | static inline int range_is_allowed(unsigned long pfn, unsigned long size) | 84 | static inline int range_is_allowed(unsigned long pfn, unsigned long size) |
85 | { | 85 | { |
86 | u64 from = ((u64)pfn) << PAGE_SHIFT; | 86 | u64 from = ((u64)pfn) << PAGE_SHIFT; |