From owner-svn-src-head@freebsd.org Wed Aug 17 09:20:06 2016 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1630CBBC983; Wed, 17 Aug 2016 09:20:06 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DAB491BCC; Wed, 17 Aug 2016 09:20:05 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u7H9K59C049769; Wed, 17 Aug 2016 09:20:05 GMT (envelope-from kib@FreeBSD.org) Received: (from kib@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u7H9K5FS049768; Wed, 17 Aug 2016 09:20:05 GMT (envelope-from kib@FreeBSD.org) Message-Id: <201608170920.u7H9K5FS049768@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org using -f From: Konstantin Belousov Date: Wed, 17 Aug 2016 09:20:05 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r304279 - head/sys/dev/acpica X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Aug 2016 09:20:06 -0000 Author: kib Date: Wed Aug 17 09:20:04 2016 New Revision: 304279 URL: https://svnweb.freebsd.org/changeset/base/304279 Log: By default, allow all to read the HPET registers pages. At the same time, by, by default disallow writes to the mmaped HPET pages. Intent is to allow userspace to use HPET as fast (i.e. no-syscall) timecounter for gettimeofday(2). Unfortunately, the permission model does not make it possible to safely unhide /dev/hpet in the jails even if default mode is set to 0444, because untrusted jailed root may change device permissions to writeable. Sponsored by: The FreeBSD Foundation MFC after: 3 weeks Modified: head/sys/dev/acpica/acpi_hpet.c Modified: head/sys/dev/acpica/acpi_hpet.c ============================================================================== --- head/sys/dev/acpica/acpi_hpet.c Wed Aug 17 09:12:02 2016 (r304278) +++ head/sys/dev/acpica/acpi_hpet.c Wed Aug 17 09:20:04 2016 (r304279) @@ -762,14 +762,14 @@ hpet_attach(device_t dev) mda.mda_devsw = &hpet_cdevsw; mda.mda_uid = UID_ROOT; mda.mda_gid = GID_WHEEL; - mda.mda_mode = 0600; + mda.mda_mode = 0644; mda.mda_si_drv1 = sc; error = make_dev_s(&mda, &sc->pdev, "hpet%d", device_get_unit(dev)); if (error == 0) { sc->mmap_allow = 1; TUNABLE_INT_FETCH("hw.acpi.hpet.mmap_allow", &sc->mmap_allow); - sc->mmap_allow_write = 1; + sc->mmap_allow_write = 0; TUNABLE_INT_FETCH("hw.acpi.hpet.mmap_allow_write", &sc->mmap_allow_write); SYSCTL_ADD_INT(device_get_sysctl_ctx(dev),