On 05/09/2014 12:58 PM, Arnd Bergmann wrote: > On Friday 09 May 2014 12:19:16 Josh Triplett wrote: > >> + if (!access_ok(VERIFY_WRITE, buf, count)) >> + return -EFAULT; >> + if (port > 65535) >> + return 0; > > This should probably test against IO_SPACE_LIMIT, which may be zero, > something larger than 65536 or even ULONG_MAX, depending on the > architecture. > > In cases where this IO_SPACE_LIMIT is zero or ULONG_MAX, we should > probably disallow access completely. The former case is for architectures > that don't have any I/O ports, the other is either a mistake, or is > used when inb is defined as readb, and the port numbers are just virtual > addresses. > PCI supports a 32-bit I/O address space, so if the architecture permits it, having a 32-bit I/O space is perfectly legitimate. It is worth noting that /dev/port has the same problem. However, if we're going to have these devices I'm wondering if having /dev/portw and /dev/portl (or something like that) might not make sense, rather than requiring a system call per transaction. Also, x86 supports unaligned I/O port references, but not all architectures do. On the other hand, x86 also supports ioperm(). -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
