3 * (C) COPYRIGHT 2011-2015 ARM Limited. All rights reserved.
5 * This program is free software and is provided to you under the terms of the
6 * GNU General Public License version 2 as published by the Free Software
7 * Foundation, and any use by you of this program is subject to the terms
10 * A copy of the licence is included with the program, and can also be obtained
11 * from Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
12 * Boston, MA 02110-1301, USA.
21 * @file mali_kbase_security.c
22 * Base kernel security capability API
25 #include <mali_kbase.h>
27 static inline bool kbasep_am_i_root(void)
29 #if KBASE_HWCNT_DUMP_BYPASS_ROOT
33 #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0)
34 if (uid_eq(current_euid(), GLOBAL_ROOT_UID))
37 if (current_euid() == 0)
39 #endif /*LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0)*/
41 #endif /*KBASE_HWCNT_DUMP_BYPASS_ROOT*/
45 * kbase_security_has_capability - see mali_kbase_caps.h for description.
48 bool kbase_security_has_capability(struct kbase_context *kctx, enum kbase_security_capability cap, u32 flags)
51 bool access_allowed = false;
52 bool audit = KBASE_SEC_FLAG_AUDIT & flags;
54 KBASE_DEBUG_ASSERT(NULL != kctx);
57 /* Detect unsupported flags */
58 KBASE_DEBUG_ASSERT(((~KBASE_SEC_FLAG_MASK) & flags) == 0);
60 /* Determine if access is allowed for the given cap */
62 case KBASE_SEC_MODIFY_PRIORITY:
63 case KBASE_SEC_INSTR_HW_COUNTERS_COLLECT:
64 /* Access is granted only if the caller is privileged */
65 access_allowed = kbasep_am_i_root();
69 /* Report problem if requested */
70 if (!access_allowed && audit)
71 dev_warn(kctx->kbdev->dev, "Security capability failure: %d, %p", cap, (void *)kctx);
73 return access_allowed;
76 KBASE_EXPORT_TEST_API(kbase_security_has_capability);