From: Stephen Boyd <swboyd@chromium.org>
To: Dan Williams <dan.j.williams@intel.com>
Cc: linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org,
linux-arm-kernel@lists.infradead.org, devicetree@vger.kernel.org,
Evan Green <evgreen@chromium.org>,
Rob Herring <robh+dt@kernel.org>,
Bjorn Andersson <bjorn.andersson@linaro.org>,
Andy Gross <agross@kernel.org>, Will Deacon <will.deacon@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>
Subject: [PATCH v2 5/5] soc: qcom: cmd-db: Map with read-only mappings
Date: Fri, 14 Jun 2019 13:37:17 -0700 [thread overview]
Message-ID: <20190614203717.75479-6-swboyd@chromium.org> (raw)
In-Reply-To: <20190614203717.75479-1-swboyd@chromium.org>
The command DB is read-only already to the kernel because everything is
const marked once we map it. Let's go one step further and try to map
the memory as read-only in the page tables. This should make it harder
for random code to corrupt the database and change the contents.
Cc: Evan Green <evgreen@chromium.org>
Cc: Rob Herring <robh+dt@kernel.org>
Cc: Bjorn Andersson <bjorn.andersson@linaro.org>
Cc: Andy Gross <agross@kernel.org>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org>
Signed-off-by: Stephen Boyd <swboyd@chromium.org>
---
drivers/soc/qcom/cmd-db.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/soc/qcom/cmd-db.c b/drivers/soc/qcom/cmd-db.c
index 10a34d26b753..6365e8260282 100644
--- a/drivers/soc/qcom/cmd-db.c
+++ b/drivers/soc/qcom/cmd-db.c
@@ -240,7 +240,8 @@ static int cmd_db_dev_probe(struct platform_device *pdev)
{
int ret = 0;
- cmd_db_header = devm_memremap_reserved_mem(&pdev->dev, MEMREMAP_WB);
+ cmd_db_header = devm_memremap_reserved_mem(&pdev->dev,
+ MEMREMAP_RO | MEMREMAP_WB);
if (IS_ERR(cmd_db_header)) {
ret = PTR_ERR(cmd_db_header);
cmd_db_header = NULL;
--
Sent by a computer through tubes
WARNING: multiple messages have this Message-ID (diff)
From: Stephen Boyd <swboyd@chromium.org>
To: Dan Williams <dan.j.williams@intel.com>
Cc: devicetree@vger.kernel.org, linux-arm-msm@vger.kernel.org,
Will Deacon <will.deacon@arm.com>,
linux-kernel@vger.kernel.org, Evan Green <evgreen@chromium.org>,
Bjorn Andersson <bjorn.andersson@linaro.org>,
Rob Herring <robh+dt@kernel.org>, Andy Gross <agross@kernel.org>,
Catalin Marinas <catalin.marinas@arm.com>,
linux-arm-kernel@lists.infradead.org
Subject: [PATCH v2 5/5] soc: qcom: cmd-db: Map with read-only mappings
Date: Fri, 14 Jun 2019 13:37:17 -0700 [thread overview]
Message-ID: <20190614203717.75479-6-swboyd@chromium.org> (raw)
In-Reply-To: <20190614203717.75479-1-swboyd@chromium.org>
The command DB is read-only already to the kernel because everything is
const marked once we map it. Let's go one step further and try to map
the memory as read-only in the page tables. This should make it harder
for random code to corrupt the database and change the contents.
Cc: Evan Green <evgreen@chromium.org>
Cc: Rob Herring <robh+dt@kernel.org>
Cc: Bjorn Andersson <bjorn.andersson@linaro.org>
Cc: Andy Gross <agross@kernel.org>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org>
Signed-off-by: Stephen Boyd <swboyd@chromium.org>
---
drivers/soc/qcom/cmd-db.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/soc/qcom/cmd-db.c b/drivers/soc/qcom/cmd-db.c
index 10a34d26b753..6365e8260282 100644
--- a/drivers/soc/qcom/cmd-db.c
+++ b/drivers/soc/qcom/cmd-db.c
@@ -240,7 +240,8 @@ static int cmd_db_dev_probe(struct platform_device *pdev)
{
int ret = 0;
- cmd_db_header = devm_memremap_reserved_mem(&pdev->dev, MEMREMAP_WB);
+ cmd_db_header = devm_memremap_reserved_mem(&pdev->dev,
+ MEMREMAP_RO | MEMREMAP_WB);
if (IS_ERR(cmd_db_header)) {
ret = PTR_ERR(cmd_db_header);
cmd_db_header = NULL;
--
Sent by a computer through tubes
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-06-14 20:37 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-14 20:37 [PATCH v2 0/5] Read-only memremap() Stephen Boyd
2019-06-14 20:37 ` Stephen Boyd
2019-06-14 20:37 ` [PATCH v2 1/5] reserved_mem: Add a devm_memremap_reserved_mem() API Stephen Boyd
2019-06-14 20:37 ` Stephen Boyd
2019-06-14 20:37 ` [PATCH v2 2/5] soc: qcom: cmd-db: Migrate to devm_memremap_reserved_mem() Stephen Boyd
2019-06-14 20:37 ` Stephen Boyd
2019-06-14 20:37 ` [PATCH v2 3/5] memremap: Add support for read-only memory mappings Stephen Boyd
2019-06-14 20:37 ` Stephen Boyd
2019-07-10 14:14 ` Will Deacon
2019-07-10 14:14 ` Will Deacon
2019-07-18 18:00 ` Stephen Boyd
2019-07-18 18:00 ` Stephen Boyd
2019-06-14 20:37 ` [PATCH v2 4/5] arm64: Add support for arch_memremap_ro() Stephen Boyd
2019-06-14 20:37 ` Stephen Boyd
2019-06-14 20:37 ` Stephen Boyd [this message]
2019-06-14 20:37 ` [PATCH v2 5/5] soc: qcom: cmd-db: Map with read-only mappings Stephen Boyd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190614203717.75479-6-swboyd@chromium.org \
--to=swboyd@chromium.org \
--cc=agross@kernel.org \
--cc=bjorn.andersson@linaro.org \
--cc=catalin.marinas@arm.com \
--cc=dan.j.williams@intel.com \
--cc=devicetree@vger.kernel.org \
--cc=evgreen@chromium.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=robh+dt@kernel.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.