Date:2010-09-08 02:31:19 (13 years 6 months ago)
Author:Maarten ter Huurne
Commit:b056cd7dd0bc423826ef51be48fe010efbc6e9cc
Message:/dev/mem: Add kernel config option to omit this device.

Omitting this device prevents software from accessing the hardware directly, which can cause trouble if the kernel accesses the same hardware.
It also saves some space on embedded systems.
Files: arch/x86/Kconfig.debug (1 diff)
drivers/char/Kconfig (1 diff)
drivers/char/mem.c (8 diffs)

Change Details

arch/x86/Kconfig.debug
77
88config STRICT_DEVMEM
99    bool "Filter access to /dev/mem"
10    depends on DEVMEM
1011    ---help---
1112      If this option is disabled, you allow userspace (root) access to all
1213      of memory, including kernel and userspace memory. Accidental
drivers/char/Kconfig
8888     information. For framebuffer console users, please refer to
8989     <file:Documentation/fb/fbcon.txt>.
9090
91config DEVMEM
92    bool "/dev/mem virtual device support"
93    default y
94    help
95      Say Y here if you want to support the /dev/mem device.
96      Some X server drivers access the video hardware using this device.
97      Accessing hardware directly from user space can be useful in some
98      cases, but it is not without risks.
99      When in doubt, say "N".
100
91101config DEVKMEM
92102    bool "/dev/kmem virtual device support"
93103    default y
drivers/char/mem.c
8989{
9090}
9191
92#ifdef CONFIG_DEVMEM
93
9294/*
9395 * This funcion reads the *physical* memory. The f_pos points directly to the
9496 * memory location.
...... 
212214    return written;
213215}
214216
217#endif
218
219#if defined(CONFIG_DEVMEM) || defined(CONFIG_DEVKMEM)
220
215221int __weak phys_mem_access_prot_allowed(struct file *file,
216222    unsigned long pfn, unsigned long size, pgprot_t *vma_prot)
217223{
...... 
333339    return 0;
334340}
335341
342#endif
343
336344#ifdef CONFIG_DEVKMEM
337345static int mmap_kmem(struct file *file, struct vm_area_struct *vma)
338346{
...... 
696704    return file->f_pos = 0;
697705}
698706
707#if defined(CONFIG_DEVMEM) || defined(CONFIG_DEVKMEM) || defined(CONFIG_DEVPORT)
699708/*
700709 * The memory devices use the full 32/64 bits of the offset, and so we cannot
701710 * check against negative addresses: they are ok. The return value is weird,
...... 
728737    mutex_unlock(&file->f_path.dentry->d_inode->i_mutex);
729738    return ret;
730739}
740#endif
731741
742#if defined(CONFIG_DEVMEM) || defined(CONFIG_DEVKMEM) || \
743        defined(CONFIG_DEVPORT) || defined(CONFIG_CRASH_DUMP)
732744static int open_port(struct inode * inode, struct file * filp)
733745{
734746    return capable(CAP_SYS_RAWIO) ? 0 : -EPERM;
735747}
748#endif
736749
737750#define zero_lseek null_lseek
738751#define full_lseek null_lseek
...... 
742755#define open_kmem open_mem
743756#define open_oldmem open_mem
744757
758#ifdef CONFIG_DEVMEM
745759static const struct file_operations mem_fops = {
746760    .llseek = memory_lseek,
747761    .read = read_mem,
...... 
750764    .open = open_mem,
751765    .get_unmapped_area = get_unmapped_area_mem,
752766};
767#endif
753768
754769#ifdef CONFIG_DEVKMEM
755770static const struct file_operations kmem_fops = {
...... 
841856    const struct file_operations *fops;
842857    struct backing_dev_info *dev_info;
843858} devlist[] = {
859#ifdef CONFIG_DEVMEM
844860     [1] = { "mem", 0, &mem_fops, &directly_mappable_cdev_bdi },
861#endif
845862#ifdef CONFIG_DEVKMEM
846863     [2] = { "kmem", 0, &kmem_fops, &directly_mappable_cdev_bdi },
847864#endif

Archive Download the corresponding diff file



interactive