Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1c90308e authored by Konstantin Khlebnikov's avatar Konstantin Khlebnikov Committed by Linus Torvalds
Browse files

pagemap: hide physical addresses from non-privileged users 

This patch makes pagemap readable for normal users and hides physical
addresses from them.  For some use-cases PFN isn't required at all.

See http://lkml.kernel.org/r/1425935472-17949-1-git-send-email-kirill@shutemov.name



Fixes: ab676b7d ("pagemap: do not leak physical addresses to non-privileged userspace")
Signed-off-by: default avatarKonstantin Khlebnikov <khlebnikov@yandex-team.ru>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Reviewed-by: default avatarMark Williamson <mwilliamson@undo-software.com>
Tested-by: default avatarMark Williamson <mwilliamson@undo-software.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 356515e7

fs/proc/task_mmu.c

+14 −11
Original line number Diff line number Diff line
@@ -939,6 +939,7 @@ typedef struct { 
struct pagemapread {

	int pos, len;		/* units: PM_ENTRY_BYTES, not bytes */

	pagemap_entry_t *buffer;

	bool show_pfn;

};



#define PAGEMAP_WALK_SIZE	(PMD_SIZE)
@@ -1015,6 +1016,7 @@ static pagemap_entry_t pte_to_pagemap_entry(struct pagemapread *pm, 
	struct page *page = NULL;



	if (pte_present(pte)) {

		if (pm->show_pfn)

			frame = pte_pfn(pte);

		flags |= PM_PRESENT;

		page = vm_normal_page(vma, addr, pte);
@@ -1065,6 +1067,7 @@ static int pagemap_pmd_range(pmd_t *pmdp, unsigned long addr, unsigned long end, 
		 */

		if (pmd_present(pmd)) {

			flags |= PM_PRESENT;

			if (pm->show_pfn)

				frame = pmd_pfn(pmd) +

					((addr & ~PMD_MASK) >> PAGE_SHIFT);

		}
@@ -1075,7 +1078,7 @@ static int pagemap_pmd_range(pmd_t *pmdp, unsigned long addr, unsigned long end, 
			err = add_to_pagemap(addr, &pme, pm);

			if (err)

				break;

			if (flags & PM_PRESENT)

			if (pm->show_pfn && (flags & PM_PRESENT))

				frame++;

		}

		spin_unlock(ptl);
@@ -1129,6 +1132,7 @@ static int pagemap_hugetlb_range(pte_t *ptep, unsigned long hmask, 
			flags |= PM_FILE;



		flags |= PM_PRESENT;

		if (pm->show_pfn)

			frame = pte_pfn(pte) +

				((addr & ~hmask) >> PAGE_SHIFT);

	}
@@ -1139,7 +1143,7 @@ static int pagemap_hugetlb_range(pte_t *ptep, unsigned long hmask, 
		err = add_to_pagemap(addr, &pme, pm);

		if (err)

			return err;

		if (flags & PM_PRESENT)

		if (pm->show_pfn && (flags & PM_PRESENT))

			frame++;

	}
@@ -1198,6 +1202,9 @@ static ssize_t pagemap_read(struct file *file, char __user *buf, 
	if (!count)

		goto out_mm;



	/* do not disclose physical addresses: attack vector */

	pm.show_pfn = file_ns_capable(file, &init_user_ns, CAP_SYS_ADMIN);



	pm.len = (PAGEMAP_WALK_SIZE >> PAGE_SHIFT);

	pm.buffer = kmalloc(pm.len * PM_ENTRY_BYTES, GFP_TEMPORARY);

	ret = -ENOMEM;
@@ -1267,10 +1274,6 @@ static int pagemap_open(struct inode *inode, struct file *file) 
{

	struct mm_struct *mm;



	/* do not disclose physical addresses: attack vector */

	if (!capable(CAP_SYS_ADMIN))

		return -EPERM;



	mm = proc_mem_open(inode, PTRACE_MODE_READ);

	if (IS_ERR(mm))

		return PTR_ERR(mm);