/dev/mem "unbounded?"

/dev/mem "unbounded?"

[Andrei Warkentin]

Dear LKML,

In the previous kernels, valid_phys_addr_range was not
defined for x86, and used the static variant which
returned 0 if access went above __pa(high_memory).

Current behavior, though, relies on the x86 variant
of valid_phys_addr_range, defined in arch/x86/include/asm/io.h,
that always returns 1, hence, reading will never end since there
won't be any condition (barring an MCE on physical hardware) that
would say "Bad Address". Is this supposed to be by design?

How about exposing the "top" allocated resource address from 
linux/kernel/resource.c? That way /dev/mem will know when
all the "interesting" bits end, and can return -EFAULT for
everything above that.

Thanks,
A

Re: /dev/mem "unbounded?"

[H. Peter Anvin]

On 11/09/2011 01:01 PM, Andrei Warkentin wrote:
> Dear LKML,
> 
> In the previous kernels, valid_phys_addr_range was not
> defined for x86, and used the static variant which
> returned 0 if access went above __pa(high_memory).
> 
> Current behavior, though, relies on the x86 variant
> of valid_phys_addr_range, defined in arch/x86/include/asm/io.h,
> that always returns 1, hence, reading will never end since there
> won't be any condition (barring an MCE on physical hardware) that
> would say "Bad Address". Is this supposed to be by design?
> 
> How about exposing the "top" allocated resource address from 
> linux/kernel/resource.c? That way /dev/mem will know when
> all the "interesting" bits end, and can return -EFAULT for
> everything above that.
> 

That would be incorrect behavior, though, except perhaps for the range
that cannot be addressed by the processor.  It is explicitly permitted
to address ranges that does not have addresses mapped to it.

-EFAULT would also be wrong.  If anything it should be -EIO.

	-hpa

Re: /dev/mem "unbounded?"

[Andrei Warkentin]

Hi Peter,

----- Original Message -----
> 
> That would be incorrect behavior, though, except perhaps for the
> range
> that cannot be addressed by the processor.  It is explicitly
> permitted
> to address ranges that does not have addresses mapped to it.

There is a current mechanism for restricting access to a subset
of addresses, and it is used to enforce < 1MB accesses on x86
if CONFIG_STRICT_DEVMEM. This could be extended.

Do you think there is any value in specifying something like
CONFIG_DEV_MEM_ONLY_CLAIMED, which would only allow accesses
until the end of the last range claimed with request_region (but
could, of course, well be unmapped). This will allow accesses to
any unclaimed "holes" in between. I.e., if you have 0-100m claimed,
followed by 300-700m claimed, then reading /dev/mem will work up
until you reach 700m.

> 
> -EFAULT would also be wrong.  If anything it should be -EIO.
> 

Ok, I'll submit a patch for that.

A

Re: /dev/mem "unbounded?"

[H. Peter Anvin]

On 11/09/2011 02:38 PM, Andrei Warkentin wrote:
> Hi Peter,
> 
> ----- Original Message -----
>>
>> That would be incorrect behavior, though, except perhaps for the
>> range
>> that cannot be addressed by the processor.  It is explicitly
>> permitted
>> to address ranges that does not have addresses mapped to it.
> 
> There is a current mechanism for restricting access to a subset
> of addresses, and it is used to enforce < 1MB accesses on x86
> if CONFIG_STRICT_DEVMEM. This could be extended.
> 

Well, that mechanism is broken.  The way it *should* work is that any
region which is system RAM should be denied access, and the rest is
accessible.  The current behavior is a hack due to the behavior of some
old versions of Xorg, but that has long been fixed.

> Do you think there is any value in specifying something like
> CONFIG_DEV_MEM_ONLY_CLAIMED, which would only allow accesses
> until the end of the last range claimed with request_region (but
> could, of course, well be unmapped). This will allow accesses to
> any unclaimed "holes" in between. I.e., if you have 0-100m claimed,
> followed by 300-700m claimed, then reading /dev/mem will work up
> until you reach 700m.

No.  If you don't know what you're accessing, you should not be touching
/dev/mem under any circumstances.  Odds are that even if you're only
reading, there are registers with side effects in there somewhere.

	-hpa

Re: /dev/mem "unbounded?"

[Andrei Warkentin]

Hi Peter,

----- Original Message -----
> From: "H. Peter Anvin" <hpa@zytor.com>
> To: "Andrei Warkentin" <awarkentin@vmware.com>
> Cc: "LKML" <linux-kernel@vger.kernel.org>
> Sent: Wednesday, November 9, 2011 7:11:42 PM
> Subject: Re: /dev/mem "unbounded?"
> 
> 
> Well, that mechanism is broken.  The way it *should* work is that any
> region which is system RAM should be denied access, and the rest is
> accessible.  The current behavior is a hack due to the behavior of
> some
> old versions of Xorg, but that has long been fixed.
> 

Ah, ok, that seems very reasonable. Thank you for clarifying!

A