[GitHub/mt8127/android_kernel_alcatel_ttab.git] / security / min_addr.c

#include <linux/init.h>
#include <linux/mm.h>
#include <linux/security.h>
#include <linux/sysctl.h>

/* amount of vm to protect from userspace access by both DAC and the LSM*/
unsigned long mmap_min_addr;
/* amount of vm to protect from userspace using CAP_SYS_RAWIO (DAC) */
unsigned long dac_mmap_min_addr = CONFIG_DEFAULT_MMAP_MIN_ADDR;
/* amount of vm to protect from userspace using the LSM = CONFIG_LSM_MMAP_MIN_ADDR */

/*
 * Update mmap_min_addr = max(dac_mmap_min_addr, CONFIG_LSM_MMAP_MIN_ADDR)
 */
static void update_mmap_min_addr(void)
{
#ifdef CONFIG_LSM_MMAP_MIN_ADDR
	if (dac_mmap_min_addr > CONFIG_LSM_MMAP_MIN_ADDR)
		mmap_min_addr = dac_mmap_min_addr;
	else
		mmap_min_addr = CONFIG_LSM_MMAP_MIN_ADDR;
#else
	mmap_min_addr = dac_mmap_min_addr;
#endif
}

/*
 * sysctl handler which just sets dac_mmap_min_addr = the new value and then
 * calls update_mmap_min_addr() so non MAP_FIXED hints get rounded properly
 */
int mmap_min_addr_handler(struct ctl_table *table, int write,
			  void __user *buffer, size_t *lenp, loff_t *ppos)
{
	int ret;

	if (write && !capable(CAP_SYS_RAWIO))
		return -EPERM;

	ret = proc_doulongvec_minmax(table, write, buffer, lenp, ppos);

	update_mmap_min_addr();

	return ret;
}

static int __init init_mmap_min_addr(void)
{
	update_mmap_min_addr();

	return 0;
}
pure_initcall(init_mmap_min_addr);
Commit	Line	Data
788084ab EP	1	#include <linux/init.h>
	2	#include <linux/mm.h>
	3	#include <linux/security.h>
	4	#include <linux/sysctl.h>
	5
	6	/* amount of vm to protect from userspace access by both DAC and the LSM*/
	7	unsigned long mmap_min_addr;
	8	/* amount of vm to protect from userspace using CAP_SYS_RAWIO (DAC) */
	9	unsigned long dac_mmap_min_addr = CONFIG_DEFAULT_MMAP_MIN_ADDR;
	10	/* amount of vm to protect from userspace using the LSM = CONFIG_LSM_MMAP_MIN_ADDR */
	11
	12	/*
	13	* Update mmap_min_addr = max(dac_mmap_min_addr, CONFIG_LSM_MMAP_MIN_ADDR)
	14	*/
	15	static void update_mmap_min_addr(void)
	16	{
	17	#ifdef CONFIG_LSM_MMAP_MIN_ADDR
	18	if (dac_mmap_min_addr > CONFIG_LSM_MMAP_MIN_ADDR)
	19	mmap_min_addr = dac_mmap_min_addr;
	20	else
	21	mmap_min_addr = CONFIG_LSM_MMAP_MIN_ADDR;
	22	#else
	23	mmap_min_addr = dac_mmap_min_addr;
	24	#endif
	25	}
	26
	27	/*
	28	* sysctl handler which just sets dac_mmap_min_addr = the new value and then
	29	* calls update_mmap_min_addr() so non MAP_FIXED hints get rounded properly
	30	*/
8d65af78	31	int mmap_min_addr_handler(struct ctl_table *table, int write,
788084ab EP	32	void __user buffer, size_t lenp, loff_t *ppos)
	33	{
	34	int ret;
	35
4ae69e6b	36	if (write && !capable(CAP_SYS_RAWIO))
0e1a6ef2 KC	37	return -EPERM;
0e1a6ef2 KC	38
8d65af78	39	ret = proc_doulongvec_minmax(table, write, buffer, lenp, ppos);
788084ab EP	40
	41	update_mmap_min_addr();
	42
	43	return ret;
	44	}
	45
dd880fbe	46	static int __init init_mmap_min_addr(void)
788084ab EP	47	{
	48	update_mmap_min_addr();
	49
	50	return 0;
	51	}
	52	pure_initcall(init_mmap_min_addr);