staging: vchiq_arm: Disable ability to dump memory by default
authorMichael Zoran <mzoran@crowfest.net>
Wed, 8 Mar 2017 03:23:36 +0000 (19:23 -0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 9 Mar 2017 12:39:05 +0000 (13:39 +0100)
vc04_services has an ioctl interface to dump arbitrary memory
to a custom debug log.  This is typically only needed by
diagnostic tools, and can potentially be a security issue
if the devtmpfs node doesn't have adequate permissions set.

Since the ability to dump memory still has debugging value,
create a new build configuration and disable the feature
by default.

Signed-off-by: Michael Zoran <mzoran@crowfest.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/staging/vc04_services/Kconfig
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c

index eb52cec18c87985d5d263e2579ba1884b4bdb948..b9f316603308e89d882fe1b64ef4ef1bb52c0d29 100644 (file)
@@ -18,6 +18,18 @@ config BCM2835_VCHIQ
                Defaults to Y when the Broadcom Videocore services
                are included in the build, N otherwise.
 
+if BCM2835_VCHIQ
+
+config BCM2835_VCHIQ_SUPPORT_MEMDUMP
+       bool "Support dumping memory contents to debug log"
+       help
+               BCM2835 VCHIQ supports the ability to dump the
+               contents of memory to the debug log.  This
+               is typically only needed by diagnostic tools used
+               to debug issues with VideoCore.
+
+endif
+
 source "drivers/staging/vc04_services/bcm2835-audio/Kconfig"
 
 source "drivers/staging/vc04_services/bcm2835-camera/Kconfig"
index ca6ab47fba6fa39168c9c81310ef1801a170ddf8..ff96e71cfa8be4dab8c0a2690e40e4e27f2a2b5d 100644 (file)
@@ -195,8 +195,10 @@ static const char *const ioctl_names[] = {
 vchiq_static_assert(ARRAY_SIZE(ioctl_names) ==
                    (VCHIQ_IOC_MAX + 1));
 
+#if defined(CONFIG_BCM2835_VCHIQ_SUPPORT_MEMDUMP)
 static void
 dump_phys_mem(void *virt_addr, u32 num_bytes);
+#endif
 
 /****************************************************************************
 *
@@ -1159,6 +1161,7 @@ vchiq_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
                                args.handle, args.option, args.value);
        } break;
 
+#if defined(CONFIG_BCM2835_VCHIQ_SUPPORT_MEMDUMP)
        case VCHIQ_IOC_DUMP_PHYS_MEM: {
                VCHIQ_DUMP_MEM_T  args;
 
@@ -1170,6 +1173,7 @@ vchiq_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
                }
                dump_phys_mem(args.virt_addr, args.num_bytes);
        } break;
+#endif
 
        case VCHIQ_IOC_LIB_VERSION: {
                unsigned int lib_version = (unsigned int)arg;
@@ -1650,6 +1654,8 @@ vchiq_compat_ioctl_get_config(struct file *file,
        return vchiq_ioctl(file, VCHIQ_IOC_GET_CONFIG, (unsigned long)args);
 }
 
+#if defined(CONFIG_BCM2835_VCHIQ_SUPPORT_MEMDUMP)
+
 struct vchiq_dump_mem32 {
        compat_uptr_t virt_addr;
        u32 num_bytes;
@@ -1682,6 +1688,8 @@ vchiq_compat_ioctl_dump_phys_mem(struct file *file,
        return vchiq_ioctl(file, VCHIQ_IOC_DUMP_PHYS_MEM, (unsigned long)args);
 }
 
+#endif
+
 static long
 vchiq_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
 {
@@ -1699,8 +1707,10 @@ vchiq_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
                return vchiq_compat_ioctl_dequeue_message(file, cmd, arg);
        case VCHIQ_IOC_GET_CONFIG32:
                return vchiq_compat_ioctl_get_config(file, cmd, arg);
+#if defined(CONFIG_BCM2835_VCHIQ_SUPPORT_MEMDUMP)
        case VCHIQ_IOC_DUMP_PHYS_MEM32:
                return vchiq_compat_ioctl_dump_phys_mem(file, cmd, arg);
+#endif
        default:
                return vchiq_ioctl(file, cmd, arg);
        }
@@ -2044,6 +2054,8 @@ vchiq_dump_platform_service_state(void *dump_context, VCHIQ_SERVICE_T *service)
 *
 ***************************************************************************/
 
+#if defined(CONFIG_BCM2835_VCHIQ_SUPPORT_MEMDUMP)
+
 static void
 dump_phys_mem(void *virt_addr, u32 num_bytes)
 {
@@ -2126,6 +2138,8 @@ out:
        kfree(pages);
 }
 
+#endif
+
 /****************************************************************************
 *
 *   vchiq_read