[PATCH] disable sys32_{iopl,ioperm}

[PATCH] disable sys32_{iopl,ioperm}

[Arun Sharma]

[-- Attachment #1: Type: text/plain, Size: 182 bytes --]


The attached patch disables syscalls sys32_iopl() and sys32_ioperm() on 
ia64. Current code is not safe and no one is complaining. So we think 
it's better to disable it.

	-Arun



[-- Attachment #2: disable_sys32_iopl_ioperm.patch --]
[-- Type: text/plain, Size: 3321 bytes --]

Disable syscalls sys32_iopl() and sys32_ioperm() on ia64.
To emulate these 2 syscalls correctly, we need to guarantee uncached
memory attributes on ia64, which is difficult. The only user of this
interface that we know of is X. So we think it's better to disable it.

Signed-off-by: Gordon Jin <gordon.jin@intel.com>
Signed-off-by: Arun Sharma <arun.sharma@intel.com>

diff -purN linux-2.6.8/arch/ia64/ia32/ia32_entry.S linux-2.6.8-io/arch/ia64/ia32/ia32_entry.S
--- linux-2.6.8/arch/ia64/ia32/ia32_entry.S	2004-08-16 15:36:30.000000000 +0800
+++ linux-2.6.8-io/arch/ia64/ia32/ia32_entry.S	2004-09-08 10:28:30.518391985 +0800
@@ -311,7 +311,7 @@ ia32_syscall_table:
 	data8 sys_ni_syscall	  /* old profil syscall holder */
 	data8 compat_sys_statfs
 	data8 compat_sys_fstatfs	  /* 100 */
-	data8 sys32_ioperm
+	data8 sys_ni_syscall	/* ioperm */
 	data8 compat_sys_socketcall
 	data8 sys_syslog
 	data8 compat_sys_setitimer
@@ -320,7 +320,7 @@ ia32_syscall_table:
 	data8 compat_sys_newlstat
 	data8 compat_sys_newfstat
 	data8 sys_ni_syscall
-	data8 sys32_iopl		  /* 110 */
+	data8 sys_ni_syscall	/* iopl */	/* 110 */
 	data8 sys_vhangup
 	data8 sys_ni_syscall		/* used to be sys_idle */
 	data8 sys_ni_syscall
diff -purN linux-2.6.8/arch/ia64/ia32/sys_ia32.c linux-2.6.8-io/arch/ia64/ia32/sys_ia32.c
--- linux-2.6.8/arch/ia64/ia32/sys_ia32.c	2004-08-16 15:36:30.000000000 +0800
+++ linux-2.6.8-io/arch/ia64/ia32/sys_ia32.c	2004-09-08 10:28:21.486165533 +0800
@@ -1913,73 +1913,6 @@ sys32_ptrace (int request, pid_t pid, un
 	return ret;
 }
 
-/*
- *  The IA64 maps 4 I/O ports for each 4K page
- */
-#define IOLEN	((65536 / 4) * 4096)
-
-asmlinkage long
-sys32_iopl (int level)
-{
-	extern unsigned long ia64_iobase;
-	int fd;
-	struct file * file;
-	unsigned int old;
-	unsigned long addr;
-	mm_segment_t old_fs = get_fs ();
-
-	if (level != 3)
-		return(-EINVAL);
-	/* Trying to gain more privileges? */
-	old = ia64_getreg(_IA64_REG_AR_EFLAG);
-	if ((unsigned int) level > ((old >> 12) & 3)) {
-		if (!capable(CAP_SYS_RAWIO))
-			return -EPERM;
-	}
-	set_fs(KERNEL_DS);
-	fd = sys_open("/dev/mem", O_SYNC | O_RDWR, 0);
-	set_fs(old_fs);
-	if (fd < 0)
-		return fd;
-	file = fget(fd);
-	if (file == NULL) {
-		sys_close(fd);
-		return(-EFAULT);
-	}
-
-	down_write(&current->mm->mmap_sem);
-	addr = do_mmap_pgoff(file, IA32_IOBASE,
-			     IOLEN, PROT_READ|PROT_WRITE, MAP_SHARED,
-			     (ia64_iobase & ~PAGE_OFFSET) >> PAGE_SHIFT);
-	up_write(&current->mm->mmap_sem);
-
-	if (addr >= 0) {
-		old = (old & ~0x3000) | (level << 12);
-		ia64_setreg(_IA64_REG_AR_EFLAG, old);
-	}
-
-	fput(file);
-	sys_close(fd);
-	return 0;
-}
-
-asmlinkage long
-sys32_ioperm (unsigned int from, unsigned int num, int on)
-{
-
-	/*
-	 *  Since IA64 doesn't have permission bits we'd have to go to
-	 *    a lot of trouble to simulate them in software.  There's
-	 *    no point, only trusted programs can make this call so we'll
-	 *    just turn it into an iopl call and let the process have
-	 *    access to all I/O ports.
-	 *
-	 * XXX proper ioperm() support should be emulated by
-	 *	manipulating the page protections...
-	 */
-	return sys32_iopl(3);
-}
-
 typedef struct {
 	unsigned int	ss_sp;
 	unsigned int	ss_flags;