The command DB is read-only already to the kernel because everything is const marked once we map it. Let's go one step further and try to map the memory as read-only in the page tables. This should make it harder for random code to corrupt the database and change the contents.
Cc: Evan Green <[email protected]> Cc: Rob Herring <[email protected]> Cc: Bjorn Andersson <[email protected]> Cc: Andy Gross <[email protected]> Cc: Will Deacon <[email protected]> Cc: Catalin Marinas <[email protected]> Cc: Dan Williams <[email protected]> Signed-off-by: Stephen Boyd <[email protected]> --- drivers/soc/qcom/cmd-db.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/soc/qcom/cmd-db.c b/drivers/soc/qcom/cmd-db.c index 10a34d26b753..6365e8260282 100644 --- a/drivers/soc/qcom/cmd-db.c +++ b/drivers/soc/qcom/cmd-db.c @@ -240,7 +240,8 @@ static int cmd_db_dev_probe(struct platform_device *pdev) { int ret = 0; - cmd_db_header = devm_memremap_reserved_mem(&pdev->dev, MEMREMAP_WB); + cmd_db_header = devm_memremap_reserved_mem(&pdev->dev, + MEMREMAP_RO | MEMREMAP_WB); if (IS_ERR(cmd_db_header)) { ret = PTR_ERR(cmd_db_header); cmd_db_header = NULL; -- Sent by a computer through tubes
