[S390] mm: add devmem_is_allowed() for STRICT_DEVMEM checking
Provide the devmem_is_allowed() routine to restrict access to kernel memory from userspace. Set the CONFIG_STRICT_DEVMEM config option to switch on checking. Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
This commit is contained in:
parent
ca768b6631
commit
ec6743bb06
|
@ -6,6 +6,18 @@ config TRACE_IRQFLAGS_SUPPORT
|
||||||
|
|
||||||
source "lib/Kconfig.debug"
|
source "lib/Kconfig.debug"
|
||||||
|
|
||||||
|
config STRICT_DEVMEM
|
||||||
|
def_bool y
|
||||||
|
prompt "Filter access to /dev/mem"
|
||||||
|
---help---
|
||||||
|
This option restricts access to /dev/mem. If this option is
|
||||||
|
disabled, you allow userspace access to all memory, including
|
||||||
|
kernel and userspace memory. Accidental memory access is likely
|
||||||
|
to be disastrous.
|
||||||
|
Memory access is required for experts who want to debug the kernel.
|
||||||
|
|
||||||
|
If you are unsure, say Y.
|
||||||
|
|
||||||
config DEBUG_STRICT_USER_COPY_CHECKS
|
config DEBUG_STRICT_USER_COPY_CHECKS
|
||||||
bool "Strict user copy size checks"
|
bool "Strict user copy size checks"
|
||||||
---help---
|
---help---
|
||||||
|
|
|
@ -130,6 +130,11 @@ struct page;
|
||||||
void arch_free_page(struct page *page, int order);
|
void arch_free_page(struct page *page, int order);
|
||||||
void arch_alloc_page(struct page *page, int order);
|
void arch_alloc_page(struct page *page, int order);
|
||||||
|
|
||||||
|
static inline int devmem_is_allowed(unsigned long pfn)
|
||||||
|
{
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
#define HAVE_ARCH_FREE_PAGE
|
#define HAVE_ARCH_FREE_PAGE
|
||||||
#define HAVE_ARCH_ALLOC_PAGE
|
#define HAVE_ARCH_ALLOC_PAGE
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue