IB/mlx5: Allow mapping the free running counter on PROT_EXEC
authorMatan Barak <matanb@mellanox.com>
Thu, 14 Apr 2016 13:52:10 +0000 (16:52 +0300)
committerDoug Ledford <dledford@redhat.com>
Fri, 13 May 2016 23:40:03 +0000 (19:40 -0400)
The current mlx5 code disallows mapping the free running counter of
mlx5 based hardwares when PROT_EXEC is set.
Although this behaviour is correct, Linux does add an implicit VM_EXEC
to the vm_flags if the READ_IMPLIES_EXEC bit is set in the process
personality. This happens for example if the process stack is
executable.

This causes libmlx5 to output a warning and prevents the user from
reading the free running clock.
Executing the init segment of the hardware isn't a security risk
(at least no more than executing a process own stack), so we just
prevent writes to there.

Fixes: d69e3bcf7976 ('IB/mlx5: Mmap the HCA's core clock register to
      user-space')
Signed-off-by: Matan Barak <matanb@mellanox.com>
Reviewed-by: Haggai Eran <haggaie@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
drivers/infiniband/hw/mlx5/main.c

index 6ad0489cb3c5bfaf14170874971af77166576784..f2a1ad9b1a7ae9a22e645ebe53c4acf54c2122b7 100644 (file)
@@ -1108,7 +1108,7 @@ static int mlx5_ib_mmap(struct ib_ucontext *ibcontext, struct vm_area_struct *vm
                if (vma->vm_end - vma->vm_start != PAGE_SIZE)
                        return -EINVAL;
 
-               if (vma->vm_flags & (VM_WRITE | VM_EXEC))
+               if (vma->vm_flags & VM_WRITE)
                        return -EPERM;
 
                /* Don't expose to user-space information it shouldn't have */