[RFC PATCH] restrict /dev/mem to idle io memory ranges
Arnd Bergmann
arnd at arndb.de
Fri Nov 20 12:00:29 PST 2015
On Friday 20 November 2015 09:31:33 Dan Williams wrote:
> This effectively promotes IORESOURCE_BUSY to IORESOURCE_EXCLUSIVE
> semantics by default. If userspace really believes it is safe to access
> the memory region it can also perform the extra step of disabling an
> active driver. This protects device address ranges with read side
> effects and otherwise directs userspace to use the driver.
>
> Persistent memory presents a large "mistake surface" to /dev/mem as now
> accidental writes can corrupt a filesystem.
>
> Cc: Kees Cook <keescook at chromium.org>
> Cc: Russell King <linux at arm.linux.org.uk>
> Cc: Catalin Marinas <catalin.marinas at arm.com>
> Cc: Will Deacon <will.deacon at arm.com>
> Cc: Benjamin Herrenschmidt <benh at kernel.crashing.org>
> Cc: Martin Schwidefsky <schwidefsky at de.ibm.com>
> Cc: Heiko Carstens <heiko.carstens at de.ibm.com>
> Cc: Thomas Gleixner <tglx at linutronix.de>
> Cc: Ingo Molnar <mingo at redhat.com>
> Cc: "H. Peter Anvin" <hpa at zytor.com>
> Cc: Andrew Morton <akpm at linux-foundation.org>
> Cc: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
> Signed-off-by: Dan Williams <dan.j.williams at intel.com>
>
I like the idea.
Maybe split the change up into two patches, where the first one
just does the trivial move of the Kconfig option, and the second
one that changes behavior is small?
There is also a question of whether we actually need two options
or if we can safely make the existing option stricter.
Arnd
More information about the linux-arm-kernel
mailing list