xref: /openbmc/linux/arch/arm64/mm/mmap.c (revision d2ba09c1)
1 /*
2  * Based on arch/arm/mm/mmap.c
3  *
4  * Copyright (C) 2012 ARM Ltd.
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License version 2 as
8  * published by the Free Software Foundation.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
17  */
18 
19 #include <linux/elf.h>
20 #include <linux/fs.h>
21 #include <linux/memblock.h>
22 #include <linux/mm.h>
23 #include <linux/mman.h>
24 #include <linux/export.h>
25 #include <linux/shm.h>
26 #include <linux/sched/signal.h>
27 #include <linux/sched/mm.h>
28 #include <linux/io.h>
29 #include <linux/personality.h>
30 #include <linux/random.h>
31 
32 #include <asm/cputype.h>
33 
34 /*
35  * Leave enough space between the mmap area and the stack to honour ulimit in
36  * the face of randomisation.
37  */
38 #define MIN_GAP (SZ_128M)
39 #define MAX_GAP	(STACK_TOP/6*5)
40 
41 static int mmap_is_legacy(struct rlimit *rlim_stack)
42 {
43 	if (current->personality & ADDR_COMPAT_LAYOUT)
44 		return 1;
45 
46 	if (rlim_stack->rlim_cur == RLIM_INFINITY)
47 		return 1;
48 
49 	return sysctl_legacy_va_layout;
50 }
51 
52 unsigned long arch_mmap_rnd(void)
53 {
54 	unsigned long rnd;
55 
56 #ifdef CONFIG_COMPAT
57 	if (test_thread_flag(TIF_32BIT))
58 		rnd = get_random_long() & ((1UL << mmap_rnd_compat_bits) - 1);
59 	else
60 #endif
61 		rnd = get_random_long() & ((1UL << mmap_rnd_bits) - 1);
62 	return rnd << PAGE_SHIFT;
63 }
64 
65 static unsigned long mmap_base(unsigned long rnd, struct rlimit *rlim_stack)
66 {
67 	unsigned long gap = rlim_stack->rlim_cur;
68 	unsigned long pad = (STACK_RND_MASK << PAGE_SHIFT) + stack_guard_gap;
69 
70 	/* Values close to RLIM_INFINITY can overflow. */
71 	if (gap + pad > gap)
72 		gap += pad;
73 
74 	if (gap < MIN_GAP)
75 		gap = MIN_GAP;
76 	else if (gap > MAX_GAP)
77 		gap = MAX_GAP;
78 
79 	return PAGE_ALIGN(STACK_TOP - gap - rnd);
80 }
81 
82 /*
83  * This function, called very early during the creation of a new process VM
84  * image, sets up which VM layout function to use:
85  */
86 void arch_pick_mmap_layout(struct mm_struct *mm, struct rlimit *rlim_stack)
87 {
88 	unsigned long random_factor = 0UL;
89 
90 	if (current->flags & PF_RANDOMIZE)
91 		random_factor = arch_mmap_rnd();
92 
93 	/*
94 	 * Fall back to the standard layout if the personality bit is set, or
95 	 * if the expected stack growth is unlimited:
96 	 */
97 	if (mmap_is_legacy(rlim_stack)) {
98 		mm->mmap_base = TASK_UNMAPPED_BASE + random_factor;
99 		mm->get_unmapped_area = arch_get_unmapped_area;
100 	} else {
101 		mm->mmap_base = mmap_base(random_factor, rlim_stack);
102 		mm->get_unmapped_area = arch_get_unmapped_area_topdown;
103 	}
104 }
105 
106 /*
107  * You really shouldn't be using read() or write() on /dev/mem.  This might go
108  * away in the future.
109  */
110 int valid_phys_addr_range(phys_addr_t addr, size_t size)
111 {
112 	/*
113 	 * Check whether addr is covered by a memory region without the
114 	 * MEMBLOCK_NOMAP attribute, and whether that region covers the
115 	 * entire range. In theory, this could lead to false negatives
116 	 * if the range is covered by distinct but adjacent memory regions
117 	 * that only differ in other attributes. However, few of such
118 	 * attributes have been defined, and it is debatable whether it
119 	 * follows that /dev/mem read() calls should be able traverse
120 	 * such boundaries.
121 	 */
122 	return memblock_is_region_memory(addr, size) &&
123 	       memblock_is_map_memory(addr);
124 }
125 
126 /*
127  * Do not allow /dev/mem mappings beyond the supported physical range.
128  */
129 int valid_mmap_phys_addr_range(unsigned long pfn, size_t size)
130 {
131 	return !(((pfn << PAGE_SHIFT) + size) & ~PHYS_MASK);
132 }
133 
134 #ifdef CONFIG_STRICT_DEVMEM
135 
136 #include <linux/ioport.h>
137 
138 /*
139  * devmem_is_allowed() checks to see if /dev/mem access to a certain address
140  * is valid. The argument is a physical page number.  We mimic x86 here by
141  * disallowing access to system RAM as well as device-exclusive MMIO regions.
142  * This effectively disable read()/write() on /dev/mem.
143  */
144 int devmem_is_allowed(unsigned long pfn)
145 {
146 	if (iomem_is_exclusive(pfn << PAGE_SHIFT))
147 		return 0;
148 	if (!page_is_ram(pfn))
149 		return 1;
150 	return 0;
151 }
152 
153 #endif
154