svn commit: r304279 - head/sys/dev/acpica

Konstantin Belousov kib at FreeBSD.org
Wed Aug 17 09:20:06 UTC 2016


Author: kib
Date: Wed Aug 17 09:20:04 2016
New Revision: 304279
URL: https://svnweb.freebsd.org/changeset/base/304279

Log:
  By default, allow all to read the HPET registers pages.  At the same
  time, by default disallow writes to the mmaped HPET pages.
  
  Intent is to allow userspace to use HPET as fast (i.e. no-syscall)
  timecounter for gettimeofday(2).  Unfortunately, the permission model
  does not make it possible to safely unhide /dev/hpet in the jails even
  if default mode is set to 0444, because untrusted jailed root may
  change device permissions to writeable.
  
  Sponsored by:	The FreeBSD Foundation
  MFC after:	3 weeks

Modified:
  head/sys/dev/acpica/acpi_hpet.c

Modified: head/sys/dev/acpica/acpi_hpet.c
==============================================================================
--- head/sys/dev/acpica/acpi_hpet.c	Wed Aug 17 09:12:02 2016	(r304278)
+++ head/sys/dev/acpica/acpi_hpet.c	Wed Aug 17 09:20:04 2016	(r304279)
@@ -762,14 +762,14 @@ hpet_attach(device_t dev)
 	mda.mda_devsw = &hpet_cdevsw;
 	mda.mda_uid = UID_ROOT;
 	mda.mda_gid = GID_WHEEL;
-	mda.mda_mode = 0600;
+	mda.mda_mode = 0644;
 	mda.mda_si_drv1 = sc;
 	error = make_dev_s(&mda, &sc->pdev, "hpet%d", device_get_unit(dev));
 	if (error == 0) {
 		sc->mmap_allow = 1;
 		TUNABLE_INT_FETCH("hw.acpi.hpet.mmap_allow",
 		    &sc->mmap_allow);
-		sc->mmap_allow_write = 1;
+		sc->mmap_allow_write = 0;
 		TUNABLE_INT_FETCH("hw.acpi.hpet.mmap_allow_write",
 		    &sc->mmap_allow_write);
 		SYSCTL_ADD_INT(device_get_sysctl_ctx(dev),
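
Review bot: The two new defaults in hpet_attach() depend on each other, and nothing in the code says so. With `mda.mda_mode = 0644` any local user can open the node read-only, and the owner write bit is still set, so the protection against modifying the registers through a mapping rests on `sc->mmap_allow_write = 0`, which the `hw.acpi.hpet.mmap_allow_write` tunable fetched right below can turn back to 1. Please add a short comment above the `mda_mode` assignment and above the `mmap_allow_write` default stating that the world-readable mode assumes write mappings stay disabled, and that the node must not be unhidden in jails, as the log message explains. Since the write default flips from 1 to 0, a note in the user-facing documentation for the tunable would also help anyone who currently maps the device writable.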

