Loading...
1/*
2 * linux/drivers/char/mem.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 *
6 * Added devfs support.
7 * Jan-11-1998, C. Scott Ananian <cananian@alumni.princeton.edu>
8 * Shared /dev/zero mmapping support, Feb 2000, Kanoj Sarcar <kanoj@sgi.com>
9 */
10
11#include <linux/mm.h>
12#include <linux/miscdevice.h>
13#include <linux/slab.h>
14#include <linux/vmalloc.h>
15#include <linux/mman.h>
16#include <linux/random.h>
17#include <linux/init.h>
18#include <linux/raw.h>
19#include <linux/tty.h>
20#include <linux/capability.h>
21#include <linux/ptrace.h>
22#include <linux/device.h>
23#include <linux/highmem.h>
24#include <linux/crash_dump.h>
25#include <linux/backing-dev.h>
26#include <linux/bootmem.h>
27#include <linux/splice.h>
28#include <linux/pfn.h>
29
30#include <asm/uaccess.h>
31#include <asm/io.h>
32
33#ifdef CONFIG_IA64
34# include <linux/efi.h>
35#endif
36
37static inline unsigned long size_inside_page(unsigned long start,
38 unsigned long size)
39{
40 unsigned long sz;
41
42 sz = PAGE_SIZE - (start & (PAGE_SIZE - 1));
43
44 return min(sz, size);
45}
46
47#ifndef ARCH_HAS_VALID_PHYS_ADDR_RANGE
48static inline int valid_phys_addr_range(unsigned long addr, size_t count)
49{
50 return addr + count <= __pa(high_memory);
51}
52
53static inline int valid_mmap_phys_addr_range(unsigned long pfn, size_t size)
54{
55 return 1;
56}
57#endif
58
59#ifdef CONFIG_STRICT_DEVMEM
60static inline int range_is_allowed(unsigned long pfn, unsigned long size)
61{
62 u64 from = ((u64)pfn) << PAGE_SHIFT;
63 u64 to = from + size;
64 u64 cursor = from;
65
66 while (cursor < to) {
67 if (!devmem_is_allowed(pfn)) {
68 printk(KERN_INFO
69 "Program %s tried to access /dev/mem between %Lx->%Lx.\n",
70 current->comm, from, to);
71 return 0;
72 }
73 cursor += PAGE_SIZE;
74 pfn++;
75 }
76 return 1;
77}
78#else
79static inline int range_is_allowed(unsigned long pfn, unsigned long size)
80{
81 return 1;
82}
83#endif
84
85void __weak unxlate_dev_mem_ptr(unsigned long phys, void *addr)
86{
87}
88
89/*
90 * This funcion reads the *physical* memory. The f_pos points directly to the
91 * memory location.
92 */
93static ssize_t read_mem(struct file *file, char __user *buf,
94 size_t count, loff_t *ppos)
95{
96 unsigned long p = *ppos;
97 ssize_t read, sz;
98 char *ptr;
99
100 if (!valid_phys_addr_range(p, count))
101 return -EFAULT;
102 read = 0;
103#ifdef __ARCH_HAS_NO_PAGE_ZERO_MAPPED
104 /* we don't have page 0 mapped on sparc and m68k.. */
105 if (p < PAGE_SIZE) {
106 sz = size_inside_page(p, count);
107 if (sz > 0) {
108 if (clear_user(buf, sz))
109 return -EFAULT;
110 buf += sz;
111 p += sz;
112 count -= sz;
113 read += sz;
114 }
115 }
116#endif
117
118 while (count > 0) {
119 unsigned long remaining;
120
121 sz = size_inside_page(p, count);
122
123 if (!range_is_allowed(p >> PAGE_SHIFT, count))
124 return -EPERM;
125
126 /*
127 * On ia64 if a page has been mapped somewhere as uncached, then
128 * it must also be accessed uncached by the kernel or data
129 * corruption may occur.
130 */
131 ptr = xlate_dev_mem_ptr(p);
132 if (!ptr)
133 return -EFAULT;
134
135 remaining = copy_to_user(buf, ptr, sz);
136 unxlate_dev_mem_ptr(p, ptr);
137 if (remaining)
138 return -EFAULT;
139
140 buf += sz;
141 p += sz;
142 count -= sz;
143 read += sz;
144 }
145
146 *ppos += read;
147 return read;
148}
149
150static ssize_t write_mem(struct file *file, const char __user *buf,
151 size_t count, loff_t *ppos)
152{
153 unsigned long p = *ppos;
154 ssize_t written, sz;
155 unsigned long copied;
156 void *ptr;
157
158 if (!valid_phys_addr_range(p, count))
159 return -EFAULT;
160
161 written = 0;
162
163#ifdef __ARCH_HAS_NO_PAGE_ZERO_MAPPED
164 /* we don't have page 0 mapped on sparc and m68k.. */
165 if (p < PAGE_SIZE) {
166 sz = size_inside_page(p, count);
167 /* Hmm. Do something? */
168 buf += sz;
169 p += sz;
170 count -= sz;
171 written += sz;
172 }
173#endif
174
175 while (count > 0) {
176 sz = size_inside_page(p, count);
177
178 if (!range_is_allowed(p >> PAGE_SHIFT, sz))
179 return -EPERM;
180
181 /*
182 * On ia64 if a page has been mapped somewhere as uncached, then
183 * it must also be accessed uncached by the kernel or data
184 * corruption may occur.
185 */
186 ptr = xlate_dev_mem_ptr(p);
187 if (!ptr) {
188 if (written)
189 break;
190 return -EFAULT;
191 }
192
193 copied = copy_from_user(ptr, buf, sz);
194 unxlate_dev_mem_ptr(p, ptr);
195 if (copied) {
196 written += sz - copied;
197 if (written)
198 break;
199 return -EFAULT;
200 }
201
202 buf += sz;
203 p += sz;
204 count -= sz;
205 written += sz;
206 }
207
208 *ppos += written;
209 return written;
210}
211
212int __weak phys_mem_access_prot_allowed(struct file *file,
213 unsigned long pfn, unsigned long size, pgprot_t *vma_prot)
214{
215 return 1;
216}
217
218#ifndef __HAVE_PHYS_MEM_ACCESS_PROT
219
220/*
221 * Architectures vary in how they handle caching for addresses
222 * outside of main memory.
223 *
224 */
225#ifdef pgprot_noncached
226static int uncached_access(struct file *file, unsigned long addr)
227{
228#if defined(CONFIG_IA64)
229 /*
230 * On ia64, we ignore O_DSYNC because we cannot tolerate memory
231 * attribute aliases.
232 */
233 return !(efi_mem_attributes(addr) & EFI_MEMORY_WB);
234#elif defined(CONFIG_MIPS)
235 {
236 extern int __uncached_access(struct file *file,
237 unsigned long addr);
238
239 return __uncached_access(file, addr);
240 }
241#else
242 /*
243 * Accessing memory above the top the kernel knows about or through a
244 * file pointer
245 * that was marked O_DSYNC will be done non-cached.
246 */
247 if (file->f_flags & O_DSYNC)
248 return 1;
249 return addr >= __pa(high_memory);
250#endif
251}
252#endif
253
254static pgprot_t phys_mem_access_prot(struct file *file, unsigned long pfn,
255 unsigned long size, pgprot_t vma_prot)
256{
257#ifdef pgprot_noncached
258 unsigned long offset = pfn << PAGE_SHIFT;
259
260 if (uncached_access(file, offset))
261 return pgprot_noncached(vma_prot);
262#endif
263 return vma_prot;
264}
265#endif
266
267#ifndef CONFIG_MMU
268static unsigned long get_unmapped_area_mem(struct file *file,
269 unsigned long addr,
270 unsigned long len,
271 unsigned long pgoff,
272 unsigned long flags)
273{
274 if (!valid_mmap_phys_addr_range(pgoff, len))
275 return (unsigned long) -EINVAL;
276 return pgoff << PAGE_SHIFT;
277}
278
279/* can't do an in-place private mapping if there's no MMU */
280static inline int private_mapping_ok(struct vm_area_struct *vma)
281{
282 return vma->vm_flags & VM_MAYSHARE;
283}
284#else
285#define get_unmapped_area_mem NULL
286
287static inline int private_mapping_ok(struct vm_area_struct *vma)
288{
289 return 1;
290}
291#endif
292
293static const struct vm_operations_struct mmap_mem_ops = {
294#ifdef CONFIG_HAVE_IOREMAP_PROT
295 .access = generic_access_phys
296#endif
297};
298
299static int mmap_mem(struct file *file, struct vm_area_struct *vma)
300{
301 size_t size = vma->vm_end - vma->vm_start;
302
303 if (!valid_mmap_phys_addr_range(vma->vm_pgoff, size))
304 return -EINVAL;
305
306 if (!private_mapping_ok(vma))
307 return -ENOSYS;
308
309 if (!range_is_allowed(vma->vm_pgoff, size))
310 return -EPERM;
311
312 if (!phys_mem_access_prot_allowed(file, vma->vm_pgoff, size,
313 &vma->vm_page_prot))
314 return -EINVAL;
315
316 vma->vm_page_prot = phys_mem_access_prot(file, vma->vm_pgoff,
317 size,
318 vma->vm_page_prot);
319
320 vma->vm_ops = &mmap_mem_ops;
321
322 /* Remap-pfn-range will mark the range VM_IO and VM_RESERVED */
323 if (remap_pfn_range(vma,
324 vma->vm_start,
325 vma->vm_pgoff,
326 size,
327 vma->vm_page_prot)) {
328 return -EAGAIN;
329 }
330 return 0;
331}
332
333#ifdef CONFIG_DEVKMEM
334static int mmap_kmem(struct file *file, struct vm_area_struct *vma)
335{
336 unsigned long pfn;
337
338 /* Turn a kernel-virtual address into a physical page frame */
339 pfn = __pa((u64)vma->vm_pgoff << PAGE_SHIFT) >> PAGE_SHIFT;
340
341 /*
342 * RED-PEN: on some architectures there is more mapped memory than
343 * available in mem_map which pfn_valid checks for. Perhaps should add a
344 * new macro here.
345 *
346 * RED-PEN: vmalloc is not supported right now.
347 */
348 if (!pfn_valid(pfn))
349 return -EIO;
350
351 vma->vm_pgoff = pfn;
352 return mmap_mem(file, vma);
353}
354#endif
355
356#ifdef CONFIG_CRASH_DUMP
357/*
358 * Read memory corresponding to the old kernel.
359 */
360static ssize_t read_oldmem(struct file *file, char __user *buf,
361 size_t count, loff_t *ppos)
362{
363 unsigned long pfn, offset;
364 size_t read = 0, csize;
365 int rc = 0;
366
367 while (count) {
368 pfn = *ppos / PAGE_SIZE;
369 if (pfn > saved_max_pfn)
370 return read;
371
372 offset = (unsigned long)(*ppos % PAGE_SIZE);
373 if (count > PAGE_SIZE - offset)
374 csize = PAGE_SIZE - offset;
375 else
376 csize = count;
377
378 rc = copy_oldmem_page(pfn, buf, csize, offset, 1);
379 if (rc < 0)
380 return rc;
381 buf += csize;
382 *ppos += csize;
383 read += csize;
384 count -= csize;
385 }
386 return read;
387}
388#endif
389
390#ifdef CONFIG_DEVKMEM
391/*
392 * This function reads the *virtual* memory as seen by the kernel.
393 */
394static ssize_t read_kmem(struct file *file, char __user *buf,
395 size_t count, loff_t *ppos)
396{
397 unsigned long p = *ppos;
398 ssize_t low_count, read, sz;
399 char * kbuf; /* k-addr because vread() takes vmlist_lock rwlock */
400 int err = 0;
401
402 read = 0;
403 if (p < (unsigned long) high_memory) {
404 low_count = count;
405 if (count > (unsigned long)high_memory - p)
406 low_count = (unsigned long)high_memory - p;
407
408#ifdef __ARCH_HAS_NO_PAGE_ZERO_MAPPED
409 /* we don't have page 0 mapped on sparc and m68k.. */
410 if (p < PAGE_SIZE && low_count > 0) {
411 sz = size_inside_page(p, low_count);
412 if (clear_user(buf, sz))
413 return -EFAULT;
414 buf += sz;
415 p += sz;
416 read += sz;
417 low_count -= sz;
418 count -= sz;
419 }
420#endif
421 while (low_count > 0) {
422 sz = size_inside_page(p, low_count);
423
424 /*
425 * On ia64 if a page has been mapped somewhere as
426 * uncached, then it must also be accessed uncached
427 * by the kernel or data corruption may occur
428 */
429 kbuf = xlate_dev_kmem_ptr((char *)p);
430
431 if (copy_to_user(buf, kbuf, sz))
432 return -EFAULT;
433 buf += sz;
434 p += sz;
435 read += sz;
436 low_count -= sz;
437 count -= sz;
438 }
439 }
440
441 if (count > 0) {
442 kbuf = (char *)__get_free_page(GFP_KERNEL);
443 if (!kbuf)
444 return -ENOMEM;
445 while (count > 0) {
446 sz = size_inside_page(p, count);
447 if (!is_vmalloc_or_module_addr((void *)p)) {
448 err = -ENXIO;
449 break;
450 }
451 sz = vread(kbuf, (char *)p, sz);
452 if (!sz)
453 break;
454 if (copy_to_user(buf, kbuf, sz)) {
455 err = -EFAULT;
456 break;
457 }
458 count -= sz;
459 buf += sz;
460 read += sz;
461 p += sz;
462 }
463 free_page((unsigned long)kbuf);
464 }
465 *ppos = p;
466 return read ? read : err;
467}
468
469
470static ssize_t do_write_kmem(unsigned long p, const char __user *buf,
471 size_t count, loff_t *ppos)
472{
473 ssize_t written, sz;
474 unsigned long copied;
475
476 written = 0;
477#ifdef __ARCH_HAS_NO_PAGE_ZERO_MAPPED
478 /* we don't have page 0 mapped on sparc and m68k.. */
479 if (p < PAGE_SIZE) {
480 sz = size_inside_page(p, count);
481 /* Hmm. Do something? */
482 buf += sz;
483 p += sz;
484 count -= sz;
485 written += sz;
486 }
487#endif
488
489 while (count > 0) {
490 char *ptr;
491
492 sz = size_inside_page(p, count);
493
494 /*
495 * On ia64 if a page has been mapped somewhere as uncached, then
496 * it must also be accessed uncached by the kernel or data
497 * corruption may occur.
498 */
499 ptr = xlate_dev_kmem_ptr((char *)p);
500
501 copied = copy_from_user(ptr, buf, sz);
502 if (copied) {
503 written += sz - copied;
504 if (written)
505 break;
506 return -EFAULT;
507 }
508 buf += sz;
509 p += sz;
510 count -= sz;
511 written += sz;
512 }
513
514 *ppos += written;
515 return written;
516}
517
518/*
519 * This function writes to the *virtual* memory as seen by the kernel.
520 */
521static ssize_t write_kmem(struct file *file, const char __user *buf,
522 size_t count, loff_t *ppos)
523{
524 unsigned long p = *ppos;
525 ssize_t wrote = 0;
526 ssize_t virtr = 0;
527 char * kbuf; /* k-addr because vwrite() takes vmlist_lock rwlock */
528 int err = 0;
529
530 if (p < (unsigned long) high_memory) {
531 unsigned long to_write = min_t(unsigned long, count,
532 (unsigned long)high_memory - p);
533 wrote = do_write_kmem(p, buf, to_write, ppos);
534 if (wrote != to_write)
535 return wrote;
536 p += wrote;
537 buf += wrote;
538 count -= wrote;
539 }
540
541 if (count > 0) {
542 kbuf = (char *)__get_free_page(GFP_KERNEL);
543 if (!kbuf)
544 return wrote ? wrote : -ENOMEM;
545 while (count > 0) {
546 unsigned long sz = size_inside_page(p, count);
547 unsigned long n;
548
549 if (!is_vmalloc_or_module_addr((void *)p)) {
550 err = -ENXIO;
551 break;
552 }
553 n = copy_from_user(kbuf, buf, sz);
554 if (n) {
555 err = -EFAULT;
556 break;
557 }
558 vwrite(kbuf, (char *)p, sz);
559 count -= sz;
560 buf += sz;
561 virtr += sz;
562 p += sz;
563 }
564 free_page((unsigned long)kbuf);
565 }
566
567 *ppos = p;
568 return virtr + wrote ? : err;
569}
570#endif
571
572#ifdef CONFIG_DEVPORT
573static ssize_t read_port(struct file *file, char __user *buf,
574 size_t count, loff_t *ppos)
575{
576 unsigned long i = *ppos;
577 char __user *tmp = buf;
578
579 if (!access_ok(VERIFY_WRITE, buf, count))
580 return -EFAULT;
581 while (count-- > 0 && i < 65536) {
582 if (__put_user(inb(i), tmp) < 0)
583 return -EFAULT;
584 i++;
585 tmp++;
586 }
587 *ppos = i;
588 return tmp-buf;
589}
590
591static ssize_t write_port(struct file *file, const char __user *buf,
592 size_t count, loff_t *ppos)
593{
594 unsigned long i = *ppos;
595 const char __user * tmp = buf;
596
597 if (!access_ok(VERIFY_READ, buf, count))
598 return -EFAULT;
599 while (count-- > 0 && i < 65536) {
600 char c;
601 if (__get_user(c, tmp)) {
602 if (tmp > buf)
603 break;
604 return -EFAULT;
605 }
606 outb(c, i);
607 i++;
608 tmp++;
609 }
610 *ppos = i;
611 return tmp-buf;
612}
613#endif
614
615static ssize_t read_null(struct file *file, char __user *buf,
616 size_t count, loff_t *ppos)
617{
618 return 0;
619}
620
621static ssize_t write_null(struct file *file, const char __user *buf,
622 size_t count, loff_t *ppos)
623{
624 return count;
625}
626
627static int pipe_to_null(struct pipe_inode_info *info, struct pipe_buffer *buf,
628 struct splice_desc *sd)
629{
630 return sd->len;
631}
632
633static ssize_t splice_write_null(struct pipe_inode_info *pipe, struct file *out,
634 loff_t *ppos, size_t len, unsigned int flags)
635{
636 return splice_from_pipe(pipe, out, ppos, len, flags, pipe_to_null);
637}
638
639static ssize_t read_zero(struct file *file, char __user *buf,
640 size_t count, loff_t *ppos)
641{
642 size_t written;
643
644 if (!count)
645 return 0;
646
647 if (!access_ok(VERIFY_WRITE, buf, count))
648 return -EFAULT;
649
650 written = 0;
651 while (count) {
652 unsigned long unwritten;
653 size_t chunk = count;
654
655 if (chunk > PAGE_SIZE)
656 chunk = PAGE_SIZE; /* Just for latency reasons */
657 unwritten = __clear_user(buf, chunk);
658 written += chunk - unwritten;
659 if (unwritten)
660 break;
661 if (signal_pending(current))
662 return written ? written : -ERESTARTSYS;
663 buf += chunk;
664 count -= chunk;
665 cond_resched();
666 }
667 return written ? written : -EFAULT;
668}
669
670static int mmap_zero(struct file *file, struct vm_area_struct *vma)
671{
672#ifndef CONFIG_MMU
673 return -ENOSYS;
674#endif
675 if (vma->vm_flags & VM_SHARED)
676 return shmem_zero_setup(vma);
677 return 0;
678}
679
680static ssize_t write_full(struct file *file, const char __user *buf,
681 size_t count, loff_t *ppos)
682{
683 return -ENOSPC;
684}
685
686/*
687 * Special lseek() function for /dev/null and /dev/zero. Most notably, you
688 * can fopen() both devices with "a" now. This was previously impossible.
689 * -- SRB.
690 */
691static loff_t null_lseek(struct file *file, loff_t offset, int orig)
692{
693 return file->f_pos = 0;
694}
695
696/*
697 * The memory devices use the full 32/64 bits of the offset, and so we cannot
698 * check against negative addresses: they are ok. The return value is weird,
699 * though, in that case (0).
700 *
701 * also note that seeking relative to the "end of file" isn't supported:
702 * it has no meaning, so it returns -EINVAL.
703 */
704static loff_t memory_lseek(struct file *file, loff_t offset, int orig)
705{
706 loff_t ret;
707
708 mutex_lock(&file->f_path.dentry->d_inode->i_mutex);
709 switch (orig) {
710 case SEEK_CUR:
711 offset += file->f_pos;
712 case SEEK_SET:
713 /* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */
714 if ((unsigned long long)offset >= ~0xFFFULL) {
715 ret = -EOVERFLOW;
716 break;
717 }
718 file->f_pos = offset;
719 ret = file->f_pos;
720 force_successful_syscall_return();
721 break;
722 default:
723 ret = -EINVAL;
724 }
725 mutex_unlock(&file->f_path.dentry->d_inode->i_mutex);
726 return ret;
727}
728
729static int open_port(struct inode * inode, struct file * filp)
730{
731 return capable(CAP_SYS_RAWIO) ? 0 : -EPERM;
732}
733
734#define zero_lseek null_lseek
735#define full_lseek null_lseek
736#define write_zero write_null
737#define read_full read_zero
738#define open_mem open_port
739#define open_kmem open_mem
740#define open_oldmem open_mem
741
742static const struct file_operations mem_fops = {
743 .llseek = memory_lseek,
744 .read = read_mem,
745 .write = write_mem,
746 .mmap = mmap_mem,
747 .open = open_mem,
748 .get_unmapped_area = get_unmapped_area_mem,
749};
750
751#ifdef CONFIG_DEVKMEM
752static const struct file_operations kmem_fops = {
753 .llseek = memory_lseek,
754 .read = read_kmem,
755 .write = write_kmem,
756 .mmap = mmap_kmem,
757 .open = open_kmem,
758 .get_unmapped_area = get_unmapped_area_mem,
759};
760#endif
761
762static const struct file_operations null_fops = {
763 .llseek = null_lseek,
764 .read = read_null,
765 .write = write_null,
766 .splice_write = splice_write_null,
767};
768
769#ifdef CONFIG_DEVPORT
770static const struct file_operations port_fops = {
771 .llseek = memory_lseek,
772 .read = read_port,
773 .write = write_port,
774 .open = open_port,
775};
776#endif
777
778static const struct file_operations zero_fops = {
779 .llseek = zero_lseek,
780 .read = read_zero,
781 .write = write_zero,
782 .mmap = mmap_zero,
783};
784
785/*
786 * capabilities for /dev/zero
787 * - permits private mappings, "copies" are taken of the source of zeros
788 * - no writeback happens
789 */
790static struct backing_dev_info zero_bdi = {
791 .name = "char/mem",
792 .capabilities = BDI_CAP_MAP_COPY | BDI_CAP_NO_ACCT_AND_WRITEBACK,
793};
794
795static const struct file_operations full_fops = {
796 .llseek = full_lseek,
797 .read = read_full,
798 .write = write_full,
799};
800
801#ifdef CONFIG_CRASH_DUMP
802static const struct file_operations oldmem_fops = {
803 .read = read_oldmem,
804 .open = open_oldmem,
805 .llseek = default_llseek,
806};
807#endif
808
809static ssize_t kmsg_writev(struct kiocb *iocb, const struct iovec *iv,
810 unsigned long count, loff_t pos)
811{
812 char *line, *p;
813 int i;
814 ssize_t ret = -EFAULT;
815 size_t len = iov_length(iv, count);
816
817 line = kmalloc(len + 1, GFP_KERNEL);
818 if (line == NULL)
819 return -ENOMEM;
820
821 /*
822 * copy all vectors into a single string, to ensure we do
823 * not interleave our log line with other printk calls
824 */
825 p = line;
826 for (i = 0; i < count; i++) {
827 if (copy_from_user(p, iv[i].iov_base, iv[i].iov_len))
828 goto out;
829 p += iv[i].iov_len;
830 }
831 p[0] = '\0';
832
833 ret = printk("%s", line);
834 /* printk can add a prefix */
835 if (ret > len)
836 ret = len;
837out:
838 kfree(line);
839 return ret;
840}
841
842static const struct file_operations kmsg_fops = {
843 .aio_write = kmsg_writev,
844 .llseek = noop_llseek,
845};
846
847static const struct memdev {
848 const char *name;
849 mode_t mode;
850 const struct file_operations *fops;
851 struct backing_dev_info *dev_info;
852} devlist[] = {
853 [1] = { "mem", 0, &mem_fops, &directly_mappable_cdev_bdi },
854#ifdef CONFIG_DEVKMEM
855 [2] = { "kmem", 0, &kmem_fops, &directly_mappable_cdev_bdi },
856#endif
857 [3] = { "null", 0666, &null_fops, NULL },
858#ifdef CONFIG_DEVPORT
859 [4] = { "port", 0, &port_fops, NULL },
860#endif
861 [5] = { "zero", 0666, &zero_fops, &zero_bdi },
862 [7] = { "full", 0666, &full_fops, NULL },
863 [8] = { "random", 0666, &random_fops, NULL },
864 [9] = { "urandom", 0666, &urandom_fops, NULL },
865 [11] = { "kmsg", 0, &kmsg_fops, NULL },
866#ifdef CONFIG_CRASH_DUMP
867 [12] = { "oldmem", 0, &oldmem_fops, NULL },
868#endif
869};
870
871static int memory_open(struct inode *inode, struct file *filp)
872{
873 int minor;
874 const struct memdev *dev;
875
876 minor = iminor(inode);
877 if (minor >= ARRAY_SIZE(devlist))
878 return -ENXIO;
879
880 dev = &devlist[minor];
881 if (!dev->fops)
882 return -ENXIO;
883
884 filp->f_op = dev->fops;
885 if (dev->dev_info)
886 filp->f_mapping->backing_dev_info = dev->dev_info;
887
888 /* Is /dev/mem or /dev/kmem ? */
889 if (dev->dev_info == &directly_mappable_cdev_bdi)
890 filp->f_mode |= FMODE_UNSIGNED_OFFSET;
891
892 if (dev->fops->open)
893 return dev->fops->open(inode, filp);
894
895 return 0;
896}
897
898static const struct file_operations memory_fops = {
899 .open = memory_open,
900 .llseek = noop_llseek,
901};
902
903static char *mem_devnode(struct device *dev, mode_t *mode)
904{
905 if (mode && devlist[MINOR(dev->devt)].mode)
906 *mode = devlist[MINOR(dev->devt)].mode;
907 return NULL;
908}
909
910static struct class *mem_class;
911
912static int __init chr_dev_init(void)
913{
914 int minor;
915 int err;
916
917 err = bdi_init(&zero_bdi);
918 if (err)
919 return err;
920
921 if (register_chrdev(MEM_MAJOR, "mem", &memory_fops))
922 printk("unable to get major %d for memory devs\n", MEM_MAJOR);
923
924 mem_class = class_create(THIS_MODULE, "mem");
925 if (IS_ERR(mem_class))
926 return PTR_ERR(mem_class);
927
928 mem_class->devnode = mem_devnode;
929 for (minor = 1; minor < ARRAY_SIZE(devlist); minor++) {
930 if (!devlist[minor].name)
931 continue;
932 device_create(mem_class, NULL, MKDEV(MEM_MAJOR, minor),
933 NULL, devlist[minor].name);
934 }
935
936 return tty_init();
937}
938
939fs_initcall(chr_dev_init);
1/*
2 * linux/drivers/char/mem.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 *
6 * Added devfs support.
7 * Jan-11-1998, C. Scott Ananian <cananian@alumni.princeton.edu>
8 * Shared /dev/zero mmapping support, Feb 2000, Kanoj Sarcar <kanoj@sgi.com>
9 */
10
11#include <linux/mm.h>
12#include <linux/miscdevice.h>
13#include <linux/slab.h>
14#include <linux/vmalloc.h>
15#include <linux/mman.h>
16#include <linux/random.h>
17#include <linux/init.h>
18#include <linux/raw.h>
19#include <linux/tty.h>
20#include <linux/capability.h>
21#include <linux/ptrace.h>
22#include <linux/device.h>
23#include <linux/highmem.h>
24#include <linux/backing-dev.h>
25#include <linux/splice.h>
26#include <linux/pfn.h>
27#include <linux/export.h>
28#include <linux/io.h>
29#include <linux/aio.h>
30
31#include <asm/uaccess.h>
32
33#ifdef CONFIG_IA64
34# include <linux/efi.h>
35#endif
36
37#define DEVPORT_MINOR 4
38
39static inline unsigned long size_inside_page(unsigned long start,
40 unsigned long size)
41{
42 unsigned long sz;
43
44 sz = PAGE_SIZE - (start & (PAGE_SIZE - 1));
45
46 return min(sz, size);
47}
48
49#ifndef ARCH_HAS_VALID_PHYS_ADDR_RANGE
50static inline int valid_phys_addr_range(phys_addr_t addr, size_t count)
51{
52 return addr + count <= __pa(high_memory);
53}
54
55static inline int valid_mmap_phys_addr_range(unsigned long pfn, size_t size)
56{
57 return 1;
58}
59#endif
60
61#ifdef CONFIG_STRICT_DEVMEM
62static inline int range_is_allowed(unsigned long pfn, unsigned long size)
63{
64 u64 from = ((u64)pfn) << PAGE_SHIFT;
65 u64 to = from + size;
66 u64 cursor = from;
67
68 while (cursor < to) {
69 if (!devmem_is_allowed(pfn)) {
70 printk(KERN_INFO
71 "Program %s tried to access /dev/mem between %Lx->%Lx.\n",
72 current->comm, from, to);
73 return 0;
74 }
75 cursor += PAGE_SIZE;
76 pfn++;
77 }
78 return 1;
79}
80#else
81static inline int range_is_allowed(unsigned long pfn, unsigned long size)
82{
83 return 1;
84}
85#endif
86
87void __weak unxlate_dev_mem_ptr(unsigned long phys, void *addr)
88{
89}
90
91/*
92 * This funcion reads the *physical* memory. The f_pos points directly to the
93 * memory location.
94 */
95static ssize_t read_mem(struct file *file, char __user *buf,
96 size_t count, loff_t *ppos)
97{
98 phys_addr_t p = *ppos;
99 ssize_t read, sz;
100 char *ptr;
101
102 if (p != *ppos)
103 return 0;
104
105 if (!valid_phys_addr_range(p, count))
106 return -EFAULT;
107 read = 0;
108#ifdef __ARCH_HAS_NO_PAGE_ZERO_MAPPED
109 /* we don't have page 0 mapped on sparc and m68k.. */
110 if (p < PAGE_SIZE) {
111 sz = size_inside_page(p, count);
112 if (sz > 0) {
113 if (clear_user(buf, sz))
114 return -EFAULT;
115 buf += sz;
116 p += sz;
117 count -= sz;
118 read += sz;
119 }
120 }
121#endif
122
123 while (count > 0) {
124 unsigned long remaining;
125
126 sz = size_inside_page(p, count);
127
128 if (!range_is_allowed(p >> PAGE_SHIFT, count))
129 return -EPERM;
130
131 /*
132 * On ia64 if a page has been mapped somewhere as uncached, then
133 * it must also be accessed uncached by the kernel or data
134 * corruption may occur.
135 */
136 ptr = xlate_dev_mem_ptr(p);
137 if (!ptr)
138 return -EFAULT;
139
140 remaining = copy_to_user(buf, ptr, sz);
141 unxlate_dev_mem_ptr(p, ptr);
142 if (remaining)
143 return -EFAULT;
144
145 buf += sz;
146 p += sz;
147 count -= sz;
148 read += sz;
149 }
150
151 *ppos += read;
152 return read;
153}
154
155static ssize_t write_mem(struct file *file, const char __user *buf,
156 size_t count, loff_t *ppos)
157{
158 phys_addr_t p = *ppos;
159 ssize_t written, sz;
160 unsigned long copied;
161 void *ptr;
162
163 if (p != *ppos)
164 return -EFBIG;
165
166 if (!valid_phys_addr_range(p, count))
167 return -EFAULT;
168
169 written = 0;
170
171#ifdef __ARCH_HAS_NO_PAGE_ZERO_MAPPED
172 /* we don't have page 0 mapped on sparc and m68k.. */
173 if (p < PAGE_SIZE) {
174 sz = size_inside_page(p, count);
175 /* Hmm. Do something? */
176 buf += sz;
177 p += sz;
178 count -= sz;
179 written += sz;
180 }
181#endif
182
183 while (count > 0) {
184 sz = size_inside_page(p, count);
185
186 if (!range_is_allowed(p >> PAGE_SHIFT, sz))
187 return -EPERM;
188
189 /*
190 * On ia64 if a page has been mapped somewhere as uncached, then
191 * it must also be accessed uncached by the kernel or data
192 * corruption may occur.
193 */
194 ptr = xlate_dev_mem_ptr(p);
195 if (!ptr) {
196 if (written)
197 break;
198 return -EFAULT;
199 }
200
201 copied = copy_from_user(ptr, buf, sz);
202 unxlate_dev_mem_ptr(p, ptr);
203 if (copied) {
204 written += sz - copied;
205 if (written)
206 break;
207 return -EFAULT;
208 }
209
210 buf += sz;
211 p += sz;
212 count -= sz;
213 written += sz;
214 }
215
216 *ppos += written;
217 return written;
218}
219
220int __weak phys_mem_access_prot_allowed(struct file *file,
221 unsigned long pfn, unsigned long size, pgprot_t *vma_prot)
222{
223 return 1;
224}
225
226#ifndef __HAVE_PHYS_MEM_ACCESS_PROT
227
228/*
229 * Architectures vary in how they handle caching for addresses
230 * outside of main memory.
231 *
232 */
233#ifdef pgprot_noncached
234static int uncached_access(struct file *file, phys_addr_t addr)
235{
236#if defined(CONFIG_IA64)
237 /*
238 * On ia64, we ignore O_DSYNC because we cannot tolerate memory
239 * attribute aliases.
240 */
241 return !(efi_mem_attributes(addr) & EFI_MEMORY_WB);
242#elif defined(CONFIG_MIPS)
243 {
244 extern int __uncached_access(struct file *file,
245 unsigned long addr);
246
247 return __uncached_access(file, addr);
248 }
249#else
250 /*
251 * Accessing memory above the top the kernel knows about or through a
252 * file pointer
253 * that was marked O_DSYNC will be done non-cached.
254 */
255 if (file->f_flags & O_DSYNC)
256 return 1;
257 return addr >= __pa(high_memory);
258#endif
259}
260#endif
261
262static pgprot_t phys_mem_access_prot(struct file *file, unsigned long pfn,
263 unsigned long size, pgprot_t vma_prot)
264{
265#ifdef pgprot_noncached
266 phys_addr_t offset = pfn << PAGE_SHIFT;
267
268 if (uncached_access(file, offset))
269 return pgprot_noncached(vma_prot);
270#endif
271 return vma_prot;
272}
273#endif
274
275#ifndef CONFIG_MMU
276static unsigned long get_unmapped_area_mem(struct file *file,
277 unsigned long addr,
278 unsigned long len,
279 unsigned long pgoff,
280 unsigned long flags)
281{
282 if (!valid_mmap_phys_addr_range(pgoff, len))
283 return (unsigned long) -EINVAL;
284 return pgoff << PAGE_SHIFT;
285}
286
287/* can't do an in-place private mapping if there's no MMU */
288static inline int private_mapping_ok(struct vm_area_struct *vma)
289{
290 return vma->vm_flags & VM_MAYSHARE;
291}
292#else
293#define get_unmapped_area_mem NULL
294
295static inline int private_mapping_ok(struct vm_area_struct *vma)
296{
297 return 1;
298}
299#endif
300
301static const struct vm_operations_struct mmap_mem_ops = {
302#ifdef CONFIG_HAVE_IOREMAP_PROT
303 .access = generic_access_phys
304#endif
305};
306
307static int mmap_mem(struct file *file, struct vm_area_struct *vma)
308{
309 size_t size = vma->vm_end - vma->vm_start;
310
311 if (!valid_mmap_phys_addr_range(vma->vm_pgoff, size))
312 return -EINVAL;
313
314 if (!private_mapping_ok(vma))
315 return -ENOSYS;
316
317 if (!range_is_allowed(vma->vm_pgoff, size))
318 return -EPERM;
319
320 if (!phys_mem_access_prot_allowed(file, vma->vm_pgoff, size,
321 &vma->vm_page_prot))
322 return -EINVAL;
323
324 vma->vm_page_prot = phys_mem_access_prot(file, vma->vm_pgoff,
325 size,
326 vma->vm_page_prot);
327
328 vma->vm_ops = &mmap_mem_ops;
329
330 /* Remap-pfn-range will mark the range VM_IO */
331 if (remap_pfn_range(vma,
332 vma->vm_start,
333 vma->vm_pgoff,
334 size,
335 vma->vm_page_prot)) {
336 return -EAGAIN;
337 }
338 return 0;
339}
340
341#ifdef CONFIG_DEVKMEM
342static int mmap_kmem(struct file *file, struct vm_area_struct *vma)
343{
344 unsigned long pfn;
345
346 /* Turn a kernel-virtual address into a physical page frame */
347 pfn = __pa((u64)vma->vm_pgoff << PAGE_SHIFT) >> PAGE_SHIFT;
348
349 /*
350 * RED-PEN: on some architectures there is more mapped memory than
351 * available in mem_map which pfn_valid checks for. Perhaps should add a
352 * new macro here.
353 *
354 * RED-PEN: vmalloc is not supported right now.
355 */
356 if (!pfn_valid(pfn))
357 return -EIO;
358
359 vma->vm_pgoff = pfn;
360 return mmap_mem(file, vma);
361}
362#endif
363
364#ifdef CONFIG_DEVKMEM
365/*
366 * This function reads the *virtual* memory as seen by the kernel.
367 */
368static ssize_t read_kmem(struct file *file, char __user *buf,
369 size_t count, loff_t *ppos)
370{
371 unsigned long p = *ppos;
372 ssize_t low_count, read, sz;
373 char *kbuf; /* k-addr because vread() takes vmlist_lock rwlock */
374 int err = 0;
375
376 read = 0;
377 if (p < (unsigned long) high_memory) {
378 low_count = count;
379 if (count > (unsigned long)high_memory - p)
380 low_count = (unsigned long)high_memory - p;
381
382#ifdef __ARCH_HAS_NO_PAGE_ZERO_MAPPED
383 /* we don't have page 0 mapped on sparc and m68k.. */
384 if (p < PAGE_SIZE && low_count > 0) {
385 sz = size_inside_page(p, low_count);
386 if (clear_user(buf, sz))
387 return -EFAULT;
388 buf += sz;
389 p += sz;
390 read += sz;
391 low_count -= sz;
392 count -= sz;
393 }
394#endif
395 while (low_count > 0) {
396 sz = size_inside_page(p, low_count);
397
398 /*
399 * On ia64 if a page has been mapped somewhere as
400 * uncached, then it must also be accessed uncached
401 * by the kernel or data corruption may occur
402 */
403 kbuf = xlate_dev_kmem_ptr((char *)p);
404
405 if (copy_to_user(buf, kbuf, sz))
406 return -EFAULT;
407 buf += sz;
408 p += sz;
409 read += sz;
410 low_count -= sz;
411 count -= sz;
412 }
413 }
414
415 if (count > 0) {
416 kbuf = (char *)__get_free_page(GFP_KERNEL);
417 if (!kbuf)
418 return -ENOMEM;
419 while (count > 0) {
420 sz = size_inside_page(p, count);
421 if (!is_vmalloc_or_module_addr((void *)p)) {
422 err = -ENXIO;
423 break;
424 }
425 sz = vread(kbuf, (char *)p, sz);
426 if (!sz)
427 break;
428 if (copy_to_user(buf, kbuf, sz)) {
429 err = -EFAULT;
430 break;
431 }
432 count -= sz;
433 buf += sz;
434 read += sz;
435 p += sz;
436 }
437 free_page((unsigned long)kbuf);
438 }
439 *ppos = p;
440 return read ? read : err;
441}
442
443
444static ssize_t do_write_kmem(unsigned long p, const char __user *buf,
445 size_t count, loff_t *ppos)
446{
447 ssize_t written, sz;
448 unsigned long copied;
449
450 written = 0;
451#ifdef __ARCH_HAS_NO_PAGE_ZERO_MAPPED
452 /* we don't have page 0 mapped on sparc and m68k.. */
453 if (p < PAGE_SIZE) {
454 sz = size_inside_page(p, count);
455 /* Hmm. Do something? */
456 buf += sz;
457 p += sz;
458 count -= sz;
459 written += sz;
460 }
461#endif
462
463 while (count > 0) {
464 char *ptr;
465
466 sz = size_inside_page(p, count);
467
468 /*
469 * On ia64 if a page has been mapped somewhere as uncached, then
470 * it must also be accessed uncached by the kernel or data
471 * corruption may occur.
472 */
473 ptr = xlate_dev_kmem_ptr((char *)p);
474
475 copied = copy_from_user(ptr, buf, sz);
476 if (copied) {
477 written += sz - copied;
478 if (written)
479 break;
480 return -EFAULT;
481 }
482 buf += sz;
483 p += sz;
484 count -= sz;
485 written += sz;
486 }
487
488 *ppos += written;
489 return written;
490}
491
492/*
493 * This function writes to the *virtual* memory as seen by the kernel.
494 */
495static ssize_t write_kmem(struct file *file, const char __user *buf,
496 size_t count, loff_t *ppos)
497{
498 unsigned long p = *ppos;
499 ssize_t wrote = 0;
500 ssize_t virtr = 0;
501 char *kbuf; /* k-addr because vwrite() takes vmlist_lock rwlock */
502 int err = 0;
503
504 if (p < (unsigned long) high_memory) {
505 unsigned long to_write = min_t(unsigned long, count,
506 (unsigned long)high_memory - p);
507 wrote = do_write_kmem(p, buf, to_write, ppos);
508 if (wrote != to_write)
509 return wrote;
510 p += wrote;
511 buf += wrote;
512 count -= wrote;
513 }
514
515 if (count > 0) {
516 kbuf = (char *)__get_free_page(GFP_KERNEL);
517 if (!kbuf)
518 return wrote ? wrote : -ENOMEM;
519 while (count > 0) {
520 unsigned long sz = size_inside_page(p, count);
521 unsigned long n;
522
523 if (!is_vmalloc_or_module_addr((void *)p)) {
524 err = -ENXIO;
525 break;
526 }
527 n = copy_from_user(kbuf, buf, sz);
528 if (n) {
529 err = -EFAULT;
530 break;
531 }
532 vwrite(kbuf, (char *)p, sz);
533 count -= sz;
534 buf += sz;
535 virtr += sz;
536 p += sz;
537 }
538 free_page((unsigned long)kbuf);
539 }
540
541 *ppos = p;
542 return virtr + wrote ? : err;
543}
544#endif
545
546#ifdef CONFIG_DEVPORT
547static ssize_t read_port(struct file *file, char __user *buf,
548 size_t count, loff_t *ppos)
549{
550 unsigned long i = *ppos;
551 char __user *tmp = buf;
552
553 if (!access_ok(VERIFY_WRITE, buf, count))
554 return -EFAULT;
555 while (count-- > 0 && i < 65536) {
556 if (__put_user(inb(i), tmp) < 0)
557 return -EFAULT;
558 i++;
559 tmp++;
560 }
561 *ppos = i;
562 return tmp-buf;
563}
564
565static ssize_t write_port(struct file *file, const char __user *buf,
566 size_t count, loff_t *ppos)
567{
568 unsigned long i = *ppos;
569 const char __user *tmp = buf;
570
571 if (!access_ok(VERIFY_READ, buf, count))
572 return -EFAULT;
573 while (count-- > 0 && i < 65536) {
574 char c;
575 if (__get_user(c, tmp)) {
576 if (tmp > buf)
577 break;
578 return -EFAULT;
579 }
580 outb(c, i);
581 i++;
582 tmp++;
583 }
584 *ppos = i;
585 return tmp-buf;
586}
587#endif
588
589static ssize_t read_null(struct file *file, char __user *buf,
590 size_t count, loff_t *ppos)
591{
592 return 0;
593}
594
595static ssize_t write_null(struct file *file, const char __user *buf,
596 size_t count, loff_t *ppos)
597{
598 return count;
599}
600
601static ssize_t aio_read_null(struct kiocb *iocb, const struct iovec *iov,
602 unsigned long nr_segs, loff_t pos)
603{
604 return 0;
605}
606
607static ssize_t aio_write_null(struct kiocb *iocb, const struct iovec *iov,
608 unsigned long nr_segs, loff_t pos)
609{
610 return iov_length(iov, nr_segs);
611}
612
613static int pipe_to_null(struct pipe_inode_info *info, struct pipe_buffer *buf,
614 struct splice_desc *sd)
615{
616 return sd->len;
617}
618
619static ssize_t splice_write_null(struct pipe_inode_info *pipe, struct file *out,
620 loff_t *ppos, size_t len, unsigned int flags)
621{
622 return splice_from_pipe(pipe, out, ppos, len, flags, pipe_to_null);
623}
624
625static ssize_t read_zero(struct file *file, char __user *buf,
626 size_t count, loff_t *ppos)
627{
628 size_t written;
629
630 if (!count)
631 return 0;
632
633 if (!access_ok(VERIFY_WRITE, buf, count))
634 return -EFAULT;
635
636 written = 0;
637 while (count) {
638 unsigned long unwritten;
639 size_t chunk = count;
640
641 if (chunk > PAGE_SIZE)
642 chunk = PAGE_SIZE; /* Just for latency reasons */
643 unwritten = __clear_user(buf, chunk);
644 written += chunk - unwritten;
645 if (unwritten)
646 break;
647 if (signal_pending(current))
648 return written ? written : -ERESTARTSYS;
649 buf += chunk;
650 count -= chunk;
651 cond_resched();
652 }
653 return written ? written : -EFAULT;
654}
655
656static ssize_t aio_read_zero(struct kiocb *iocb, const struct iovec *iov,
657 unsigned long nr_segs, loff_t pos)
658{
659 size_t written = 0;
660 unsigned long i;
661 ssize_t ret;
662
663 for (i = 0; i < nr_segs; i++) {
664 ret = read_zero(iocb->ki_filp, iov[i].iov_base, iov[i].iov_len,
665 &pos);
666 if (ret < 0)
667 break;
668 written += ret;
669 }
670
671 return written ? written : -EFAULT;
672}
673
674static int mmap_zero(struct file *file, struct vm_area_struct *vma)
675{
676#ifndef CONFIG_MMU
677 return -ENOSYS;
678#endif
679 if (vma->vm_flags & VM_SHARED)
680 return shmem_zero_setup(vma);
681 return 0;
682}
683
684static ssize_t write_full(struct file *file, const char __user *buf,
685 size_t count, loff_t *ppos)
686{
687 return -ENOSPC;
688}
689
690/*
691 * Special lseek() function for /dev/null and /dev/zero. Most notably, you
692 * can fopen() both devices with "a" now. This was previously impossible.
693 * -- SRB.
694 */
695static loff_t null_lseek(struct file *file, loff_t offset, int orig)
696{
697 return file->f_pos = 0;
698}
699
700/*
701 * The memory devices use the full 32/64 bits of the offset, and so we cannot
702 * check against negative addresses: they are ok. The return value is weird,
703 * though, in that case (0).
704 *
705 * also note that seeking relative to the "end of file" isn't supported:
706 * it has no meaning, so it returns -EINVAL.
707 */
708static loff_t memory_lseek(struct file *file, loff_t offset, int orig)
709{
710 loff_t ret;
711
712 mutex_lock(&file_inode(file)->i_mutex);
713 switch (orig) {
714 case SEEK_CUR:
715 offset += file->f_pos;
716 case SEEK_SET:
717 /* to avoid userland mistaking f_pos=-9 as -EBADF=-9 */
718 if (IS_ERR_VALUE((unsigned long long)offset)) {
719 ret = -EOVERFLOW;
720 break;
721 }
722 file->f_pos = offset;
723 ret = file->f_pos;
724 force_successful_syscall_return();
725 break;
726 default:
727 ret = -EINVAL;
728 }
729 mutex_unlock(&file_inode(file)->i_mutex);
730 return ret;
731}
732
733static int open_port(struct inode *inode, struct file *filp)
734{
735 return capable(CAP_SYS_RAWIO) ? 0 : -EPERM;
736}
737
738#define zero_lseek null_lseek
739#define full_lseek null_lseek
740#define write_zero write_null
741#define read_full read_zero
742#define aio_write_zero aio_write_null
743#define open_mem open_port
744#define open_kmem open_mem
745
746static const struct file_operations mem_fops = {
747 .llseek = memory_lseek,
748 .read = read_mem,
749 .write = write_mem,
750 .mmap = mmap_mem,
751 .open = open_mem,
752 .get_unmapped_area = get_unmapped_area_mem,
753};
754
755#ifdef CONFIG_DEVKMEM
756static const struct file_operations kmem_fops = {
757 .llseek = memory_lseek,
758 .read = read_kmem,
759 .write = write_kmem,
760 .mmap = mmap_kmem,
761 .open = open_kmem,
762 .get_unmapped_area = get_unmapped_area_mem,
763};
764#endif
765
766static const struct file_operations null_fops = {
767 .llseek = null_lseek,
768 .read = read_null,
769 .write = write_null,
770 .aio_read = aio_read_null,
771 .aio_write = aio_write_null,
772 .splice_write = splice_write_null,
773};
774
775#ifdef CONFIG_DEVPORT
776static const struct file_operations port_fops = {
777 .llseek = memory_lseek,
778 .read = read_port,
779 .write = write_port,
780 .open = open_port,
781};
782#endif
783
784static const struct file_operations zero_fops = {
785 .llseek = zero_lseek,
786 .read = read_zero,
787 .write = write_zero,
788 .aio_read = aio_read_zero,
789 .aio_write = aio_write_zero,
790 .mmap = mmap_zero,
791};
792
793/*
794 * capabilities for /dev/zero
795 * - permits private mappings, "copies" are taken of the source of zeros
796 * - no writeback happens
797 */
798static struct backing_dev_info zero_bdi = {
799 .name = "char/mem",
800 .capabilities = BDI_CAP_MAP_COPY | BDI_CAP_NO_ACCT_AND_WRITEBACK,
801};
802
803static const struct file_operations full_fops = {
804 .llseek = full_lseek,
805 .read = read_full,
806 .write = write_full,
807};
808
809static const struct memdev {
810 const char *name;
811 umode_t mode;
812 const struct file_operations *fops;
813 struct backing_dev_info *dev_info;
814} devlist[] = {
815 [1] = { "mem", 0, &mem_fops, &directly_mappable_cdev_bdi },
816#ifdef CONFIG_DEVKMEM
817 [2] = { "kmem", 0, &kmem_fops, &directly_mappable_cdev_bdi },
818#endif
819 [3] = { "null", 0666, &null_fops, NULL },
820#ifdef CONFIG_DEVPORT
821 [4] = { "port", 0, &port_fops, NULL },
822#endif
823 [5] = { "zero", 0666, &zero_fops, &zero_bdi },
824 [7] = { "full", 0666, &full_fops, NULL },
825 [8] = { "random", 0666, &random_fops, NULL },
826 [9] = { "urandom", 0666, &urandom_fops, NULL },
827#ifdef CONFIG_PRINTK
828 [11] = { "kmsg", 0644, &kmsg_fops, NULL },
829#endif
830};
831
832static int memory_open(struct inode *inode, struct file *filp)
833{
834 int minor;
835 const struct memdev *dev;
836
837 minor = iminor(inode);
838 if (minor >= ARRAY_SIZE(devlist))
839 return -ENXIO;
840
841 dev = &devlist[minor];
842 if (!dev->fops)
843 return -ENXIO;
844
845 filp->f_op = dev->fops;
846 if (dev->dev_info)
847 filp->f_mapping->backing_dev_info = dev->dev_info;
848
849 /* Is /dev/mem or /dev/kmem ? */
850 if (dev->dev_info == &directly_mappable_cdev_bdi)
851 filp->f_mode |= FMODE_UNSIGNED_OFFSET;
852
853 if (dev->fops->open)
854 return dev->fops->open(inode, filp);
855
856 return 0;
857}
858
859static const struct file_operations memory_fops = {
860 .open = memory_open,
861 .llseek = noop_llseek,
862};
863
864static char *mem_devnode(struct device *dev, umode_t *mode)
865{
866 if (mode && devlist[MINOR(dev->devt)].mode)
867 *mode = devlist[MINOR(dev->devt)].mode;
868 return NULL;
869}
870
871static struct class *mem_class;
872
873static int __init chr_dev_init(void)
874{
875 int minor;
876 int err;
877
878 err = bdi_init(&zero_bdi);
879 if (err)
880 return err;
881
882 if (register_chrdev(MEM_MAJOR, "mem", &memory_fops))
883 printk("unable to get major %d for memory devs\n", MEM_MAJOR);
884
885 mem_class = class_create(THIS_MODULE, "mem");
886 if (IS_ERR(mem_class))
887 return PTR_ERR(mem_class);
888
889 mem_class->devnode = mem_devnode;
890 for (minor = 1; minor < ARRAY_SIZE(devlist); minor++) {
891 if (!devlist[minor].name)
892 continue;
893
894 /*
895 * Create /dev/port?
896 */
897 if ((minor == DEVPORT_MINOR) && !arch_has_dev_port())
898 continue;
899
900 device_create(mem_class, NULL, MKDEV(MEM_MAJOR, minor),
901 NULL, devlist[minor].name);
902 }
903
904 return tty_init();
905}
906
907fs_initcall(chr_dev_init);