[PATCH 10/20] alpha/PCI: Add security_locked_down() check to pci_mmap_resource()

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Krzysztof Wilczyński" <kwilczynski@kernel.org>
To: Bjorn Helgaas <bhelgaas@google.com>
Cc: "Bjorn Helgaas" <helgaas@kernel.org>,
	"Manivannan Sadhasivam" <mani@kernel.org>,
	"Lorenzo Pieralisi" <lpieralisi@kernel.org>,
	"Magnus Lindholm" <linmag7@gmail.com>,
	"Matt Turner" <mattst88@gmail.com>,
	"Richard Henderson" <richard.henderson@linaro.org>,
	"Christophe Leroy" <chleroy@kernel.org>,
	"Madhavan Srinivasan" <maddy@linux.ibm.com>,
	"Michael Ellerman" <mpe@ellerman.id.au>,
	"Nicholas Piggin" <npiggin@gmail.com>,
	"Dexuan Cui" <decui@microsoft.com>,
	"Krzysztof Hałasa" <khalasa@piap.pl>,
	"Lukas Wunner" <lukas@wunner.de>,
	"Oliver O'Halloran" <oohall@gmail.com>,
	"Saurabh Singh Sengar" <ssengar@microsoft.com>,
	"Shuan He" <heshuan@bytedance.com>,
	"Srivatsa Bhat" <srivatsabhat@microsoft.com>,
	"Ilpo Järvinen" <ilpo.jarvinen@linux.intel.com>,
	linux-pci@vger.kernel.org, linux-alpha@vger.kernel.org,
	linuxppc-dev@lists.ozlabs.org
Subject: [PATCH 10/20] alpha/PCI: Add security_locked_down() check to pci_mmap_resource()
Date: Fri, 10 Apr 2026 05:50:30 +0000	[thread overview]
Message-ID: <20260410055040.39233-11-kwilczynski@kernel.org> (raw)
In-Reply-To: <20260410055040.39233-1-kwilczynski@kernel.org>

Currently, Alpha's pci_mmap_resource() does not check
security_locked_down(LOCKDOWN_PCI_ACCESS) before allowing
userspace to mmap PCI BARs.

The generic version has had this check since commit eb627e17727e
("PCI: Lock down BAR access when the kernel is locked down") to
prevent DMA attacks when the kernel is locked down.

Add the same check to Alpha's pci_mmap_resource().

Signed-off-by: Krzysztof Wilczyński <kwilczynski@kernel.org>
---
 arch/alpha/kernel/pci-sysfs.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/arch/alpha/kernel/pci-sysfs.c b/arch/alpha/kernel/pci-sysfs.c
index 3048758304b5..2324720c3e83 100644
--- a/arch/alpha/kernel/pci-sysfs.c
+++ b/arch/alpha/kernel/pci-sysfs.c
@@ -11,6 +11,7 @@
  */
 
 #include <linux/sched.h>
+#include <linux/security.h>
 #include <linux/stat.h>
 #include <linux/slab.h>
 #include <linux/pci.h>
@@ -71,7 +72,11 @@ static int pci_mmap_resource(struct kobject *kobj,
 	struct resource *res = attr->private;
 	enum pci_mmap_state mmap_type;
 	struct pci_bus_region bar;
-	int i;
+	int i, ret;
+
+	ret = security_locked_down(LOCKDOWN_PCI_ACCESS);
+	if (ret)
+		return ret;
 
 	for (i = 0; i < PCI_STD_NUM_BARS; i++)
 		if (res == &pdev->resource[i])
-- 
2.53.0

next prev parent reply	other threads:[~2026-04-10  5:51 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-10  5:50 [PATCH 00/20] PCI: Convert all dynamic sysfs attributes to static Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 01/20] PCI/sysfs: Use PCI resource accessor macros Krzysztof Wilczyński
2026-04-10 10:20   ` Ilpo Järvinen
2026-04-10  5:50 ` [PATCH 02/20] PCI/sysfs: Only allow supported resource types in I/O and MMIO helpers Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 03/20] PCI/sysfs: Use BAR length in pci_llseek_resource() when attr->size is zero Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 04/20] PCI/sysfs: Add CAP_SYS_ADMIN check to __resource_resize_store() Krzysztof Wilczyński
2026-04-10 10:18   ` Ilpo Järvinen
2026-04-10  5:50 ` [PATCH 05/20] PCI/sysfs: Add static PCI resource attribute macros Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 06/20] PCI/sysfs: Convert PCI resource files to static attributes Krzysztof Wilczyński
2026-04-10 10:49   ` Ilpo Järvinen
2026-04-10 11:13     ` Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 07/20] PCI/sysfs: Convert __resource_resize_store() to use " Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 08/20] PCI/sysfs: Add stubs for pci_{create,remove}_sysfs_dev_files() Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 09/20] PCI/sysfs: Limit pci_sysfs_init() late_initcall compile scope Krzysztof Wilczyński
2026-04-10  5:50 ` Krzysztof Wilczyński [this message]
2026-04-10 11:04   ` [PATCH 10/20] alpha/PCI: Add security_locked_down() check to pci_mmap_resource() Ilpo Järvinen
2026-04-10 11:10     ` Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 11/20] alpha/PCI: Use BAR index in sysfs attr->private instead of resource pointer Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 12/20] alpha/PCI: Use PCI resource accessor macros Krzysztof Wilczyński
2026-04-10 11:11   ` Ilpo Järvinen
2026-04-10 11:27     ` Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 13/20] alpha/PCI: Clean up __pci_mmap_fits() Krzysztof Wilczyński
2026-04-10 11:14   ` Ilpo Järvinen
2026-04-10 11:21     ` Krzysztof Wilczyński
2026-04-10 11:32       ` Ilpo Järvinen
2026-04-10 11:55         ` Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 14/20] alpha/PCI: Add static PCI resource attribute macros Krzysztof Wilczyński
2026-04-10 11:19   ` Ilpo Järvinen
2026-04-10 11:48     ` Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 15/20] alpha/PCI: Convert resource files to static attributes Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 16/20] PCI/sysfs: Remove pci_{create,remove}_sysfs_dev_files() Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 17/20] alpha/PCI: Compute legacy size in pci_mmap_legacy_page_range() Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 18/20] PCI/sysfs: Add __weak pci_legacy_has_sparse() helper Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 19/20] PCI/sysfs: Convert legacy I/O and memory attributes to static definitions Krzysztof Wilczyński
2026-04-10 11:47   ` Ilpo Järvinen
2026-04-10 12:04     ` Krzysztof Wilczyński
2026-04-10  5:50 ` [PATCH 20/20] PCI/sysfs: Remove pci_create_legacy_files() and pci_sysfs_init() Krzysztof Wilczyński
2026-04-10 18:18 ` [PATCH 00/20] PCI: Convert all dynamic sysfs attributes to static Krzysztof Wilczyński

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:3048758304b dfblob:2324720c3e8 )
 OR (
bs:"[PATCH 10/20] alpha/PCI: Add security_locked_down() check to pci_mmap_resource()" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260410055040.39233-11-kwilczynski@kernel.org \
    --to=kwilczynski@kernel.org \
    --cc=bhelgaas@google.com \
    --cc=chleroy@kernel.org \
    --cc=decui@microsoft.com \
    --cc=helgaas@kernel.org \
    --cc=heshuan@bytedance.com \
    --cc=ilpo.jarvinen@linux.intel.com \
    --cc=khalasa@piap.pl \
    --cc=linmag7@gmail.com \
    --cc=linux-alpha@vger.kernel.org \
    --cc=linux-pci@vger.kernel.org \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=lpieralisi@kernel.org \
    --cc=lukas@wunner.de \
    --cc=maddy@linux.ibm.com \
    --cc=mani@kernel.org \
    --cc=mattst88@gmail.com \
    --cc=mpe@ellerman.id.au \
    --cc=npiggin@gmail.com \
    --cc=oohall@gmail.com \
    --cc=richard.henderson@linaro.org \
    --cc=srivatsabhat@microsoft.com \
    --cc=ssengar@microsoft.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.