340916 |
25-Nov-2018 |
emaste |
MFC r340771: proto: change device permissions to 0600
C Turt reports that the driver is not thread safe and may have exploitable races.
Note that the proto device is intended for prototyping and development, and is not for use on production systems. From the man page:
SECURITY CONSIDERATIONS Because programs have direct access to the hardware, the proto driver is inherently insecure. It is not advisable to use this driver on a production machine.
The proto device is not included in any of FreeBSD's kernel config files (although the module is built).
The issues in the proto device still need to be fixed, and the device is inherently (and intentionally) insecure, but it might as well be limited to root only.
admbugs: 782 Reported by: C Turt <ecturt@gmail.com> Sponsored by: The FreeBSD Foundation |
297000 |
18-Mar-2016 |
jhibbits |
Use uintmax_t (typedef'd to rman_res_t type) for rman ranges.
On some architectures, u_long isn't large enough for resource definitions. Particularly, powerpc and arm allow 36-bit (or larger) physical addresses, but type `long' is only 32-bit. This extends rman's resources to uintmax_t. With this change, any resource can feasibly be placed anywhere in physical memory (within the constraints of the driver).
Why uintmax_t and not something machine dependent, or uint64_t? Though it's possible for uintmax_t to grow, it's highly unlikely it will become 128-bit on 32-bit architectures. 64-bit architectures should have plenty of RAM to absorb the increase on resource sizes if and when this occurs, and the number of resources on memory-constrained systems should be sufficiently small as to not pose a drastic overhead. That being said, uintmax_t was chosen for source clarity. If it's specified as uint64_t, all printf()-like calls would either need casts to uintmax_t, or be littered with PRI*64 macros. Casts to uintmax_t aren't horrible, but it would also bake into the API for resource_list_print_type() either a hidden assumption that entries get cast to uintmax_t for printing, or these calls would need the PRI*64 macros. Since source code is meant to be read more often than written, I chose the clearest path of simply using uintmax_t.
Tested on a PowerPC p5020-based board, which places all device resources in 0xfxxxxxxxx, and has 8GB RAM. Regression tested on qemu-system-i386 Regression tested on qemu-system-mips (malta profile)
Tested PAE and devinfo on virtualbox (live CD)
Special thanks to bz for his testing on ARM.
Reviewed By: bz, jhb (previous) Relnotes: Yes Sponsored by: Alex Perez/Inertial Computing Differential Revision: https://reviews.freebsd.org/D4544
|
284079 |
06-Jun-2015 |
marcel |
DMA support part 1: DMA tag create & destroy
Create a special resource (= device special file) for management of tags and maps, as well as for mapping memory into the address space. DMA resources are managed using the PROTO_IOC_BUSDMA ioctl. Part 1 implements tag creation, derivation and destruction.
|