lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 22 Sep 2007 12:42:16 -0600
From:	Robert Hancock <hancockr@...w.ca>
To:	Thomas Gleixner <tglx@...utronix.de>
Cc:	Yinghai Lu <yhlu.kernel@...il.com>, Andi Kleen <ak@...e.de>,
	rajesh.shah@...el.com, jbarnes@...tuousgeek.org, greg@...ah.com,
	patches@...-64.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] [9/50] i386: validate against ACPI motherboard	resources

Thomas Gleixner wrote:
> On Sat, 2007-09-22 at 10:28 -0600, Robert Hancock wrote:
>> Yinghai Lu wrote:
>>> No!
>>>
>>> MMCONFIG will not work with acpi=off any more.
>> I don't think this is unreasonable. The ACPI MCFG table is how we are 
>> supposed to learn about the area in the first place. If we can't get the 
>> table location via an approved mechanism, and can't validate it doesn't 
>> overlap with another memory reservation or something, I really don't 
>> think we should be using it.
> 
> We all know how correct ACPI tables are. Specifications are nice,
> reality tells a different story.

MMCONFIG can't be used without ACPI in any case unless we know where the 
  table is using chipset-specific knowledge (i.e. reading the registers 
directly). Doing that without being told that this area is really 
intended to be used, via the ACPI table, is dangerous, i.e. we don't 
necessarily know if the MMCONFIG is broken on the platform in some way 
we can't detect.

> 
>> I don't think it's much of an issue anyway - the chances that somebody 
>> will want to run without ACPI on a system with MCFG are pretty low given 
>> that you'll end up losing a bunch of functionality (not least of which 
>> is multi-cores).
> 
> acpi=off is an often used debug switch and it _is_ quite useful. Taking
> away debug functionality is not a good idea.

If someone has to turn ACPI off, disabling MMCONFIG is probably the 
least of their worries..

-- 
Robert Hancock      Saskatoon, SK, Canada
To email, remove "nospam" from hancockr@...pamshaw.ca
Home Page: http://www.roberthancock.com/


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ