From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.8 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C8B4AC388F9 for ; Tue, 3 Nov 2020 21:28:44 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 783702236F for ; Tue, 3 Nov 2020 21:28:44 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="r3rNM/R7" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 783702236F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 075676B0068; Tue, 3 Nov 2020 16:28:44 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 04FD26B006C; Tue, 3 Nov 2020 16:28:43 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id ECC846B006E; Tue, 3 Nov 2020 16:28:43 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0193.hostedemail.com [216.40.44.193]) by kanga.kvack.org (Postfix) with ESMTP id BDD666B0068 for ; Tue, 3 Nov 2020 16:28:43 -0500 (EST) Received: from smtpin27.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay01.hostedemail.com (Postfix) with ESMTP id 60942180AD802 for ; Tue, 3 Nov 2020 21:28:43 +0000 (UTC) X-FDA: 77444396526.27.jewel06_3f0f571272bb Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin27.hostedemail.com (Postfix) with ESMTP id 454DC3D669 for ; Tue, 3 Nov 2020 21:28:43 +0000 (UTC) X-HE-Tag: jewel06_3f0f571272bb X-Filterd-Recvd-Size: 4376 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf01.hostedemail.com (Postfix) with ESMTP for ; Tue, 3 Nov 2020 21:28:42 +0000 (UTC) Received: from localhost (230.sub-72-107-127.myvzw.com [72.107.127.230]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 8D35D2074B; Tue, 3 Nov 2020 21:28:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1604438921; bh=8ytUCsyZVeF3ujFgYm5L1sW7UkyVhphiOKLK38YXOJo=; h=Date:From:To:Cc:Subject:In-Reply-To:From; b=r3rNM/R7N18tFkDui7jKc1s7Rf1w4AGB0oy4QLfqljsFx0cgfbQoVLb4YXPv8FJ21 3GOcK6tXRCXbaRCS5TJewrPlPhPnEk4+UMQFmaSlDABV6b/XkOfyrQcMw74G4iOpe0 oHBd90d8NCZ7lRYb6RIVYqEyC0t2dJj32/rqukig= Date: Tue, 3 Nov 2020 15:28:40 -0600 From: Bjorn Helgaas To: Daniel Vetter Cc: DRI Development , LKML , kvm@vger.kernel.org, linux-mm@kvack.org, linux-arm-kernel@lists.infradead.org, linux-samsung-soc@vger.kernel.org, linux-media@vger.kernel.org, Daniel Vetter , Jason Gunthorpe , Kees Cook , Dan Williams , Andrew Morton , John Hubbard , =?iso-8859-1?B?Suly9G1l?= Glisse , Jan Kara , Bjorn Helgaas , linux-pci@vger.kernel.org Subject: Re: [PATCH v5 11/15] PCI: Obey iomem restrictions for procfs mmap Message-ID: <20201103212840.GA266427@bjorn-Precision-5520> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline In-Reply-To: <20201030100815.2269-12-daniel.vetter@ffwll.ch> Content-Transfer-Encoding: quoted-printable X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Fri, Oct 30, 2020 at 11:08:11AM +0100, Daniel Vetter wrote: > There's three ways to access PCI BARs from userspace: /dev/mem, sysfs > files, and the old proc interface. Two check against > iomem_is_exclusive, proc never did. And with CONFIG_IO_STRICT_DEVMEM, > this starts to matter, since we don't want random userspace having > access to PCI BARs while a driver is loaded and using it. >=20 > Fix this by adding the same iomem_is_exclusive() check we already have > on the sysfs side in pci_mmap_resource(). >=20 > References: 90a545e98126 ("restrict /dev/mem to idle io memory ranges") > Signed-off-by: Daniel Vetter This is OK with me but it looks like IORESOURCE_EXCLUSIVE is currently only used in a few places: e1000_probe() calls pci_request_selected_regions_exclusive(), ne_pci_probe() calls pci_request_regions_exclusive(), vmbus_allocate_mmio() calls request_mem_region_exclusive() which raises the question of whether it's worth keeping IORESOURCE_EXCLUSIVE at all. I'm totally fine with removing it completely. But if you want it, Acked-by: Bjorn Helgaas > Cc: Jason Gunthorpe > Cc: Kees Cook > Cc: Dan Williams > Cc: Andrew Morton > Cc: John Hubbard > Cc: J=E9r=F4me Glisse > Cc: Jan Kara > Cc: Dan Williams > Cc: linux-mm@kvack.org > Cc: linux-arm-kernel@lists.infradead.org > Cc: linux-samsung-soc@vger.kernel.org > Cc: linux-media@vger.kernel.org > Cc: Bjorn Helgaas > Cc: linux-pci@vger.kernel.org > Signed-off-by: Daniel Vetter > -- > v2: Improve commit message (Bjorn) > --- > drivers/pci/proc.c | 5 +++++ > 1 file changed, 5 insertions(+) >=20 > diff --git a/drivers/pci/proc.c b/drivers/pci/proc.c > index d35186b01d98..3a2f90beb4cb 100644 > --- a/drivers/pci/proc.c > +++ b/drivers/pci/proc.c > @@ -274,6 +274,11 @@ static int proc_bus_pci_mmap(struct file *file, st= ruct vm_area_struct *vma) > else > return -EINVAL; > } > + > + if (dev->resource[i].flags & IORESOURCE_MEM && > + iomem_is_exclusive(dev->resource[i].start)) > + return -EINVAL; > + > ret =3D pci_mmap_page_range(dev, i, vma, > fpriv->mmap_state, write_combine); > if (ret < 0) > --=20 > 2.28.0 >=20