| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 06 Dec 2007 21:23:41 +0100 From: Stefan Richter <stefanr@...6.in-berlin.de> To: Bernhard Kaindl <bk@...e.de> CC: Andi Kleen <ak@...e.de>, Bernhard Kaindl <bkaindl@...i.org>, linux-kernel@...r.kernel.org, linux1394-devel@...ts.sourceforge.net, Thomas Renninger <trenn@...e.de>, Benjamin Herrenschmidt <benh@...nel.crashing.org> Subject: Re: [PATCH] Early boot debugging via FireWire (ohci1394_dma=early) Bernhard Kaindl wrote: > after summing up the discussion on previous patches, I'm now submitting the > patch below for formal review and adoption on branches for mainline inclusion. I will look a bit more into the details later; for now I have just a quick comment on the documentation. > --- linux-2.6.24-rc4/Documentation/debugging-via-ohci1394.txt > +++ linux-2.6.24-rc4/Documentation/debugging-via-ohci1394.txt > @@ -0,0 +1,179 @@ > + > + Using physical DMA provided by OHCI-1394 FireWire controllers for debugging > + --------------------------------------------------------------------------- > + > +Introduction > +------------ There are some really long sentences in it. Try to use the "." character more often. :-) > +Basically all FireWire controllers which are in use today are compliant > +to the OHCI-1394 specification which defines the controller to be a PCI > +bus master which uses DMA to offload data transfers from the CPU and has > +a "Physical Response Unit" which executes specific requests by employing > +PCI-Bus master DMA after applying filters defined by the OHCI-1394 driver. > + > +Once properly configured, remote machines can send these requests to > +ask the OHCI-1394 controller to perform read and write requests on > +physical system memory and, for read requests, send the result of > +the physical memory read back to the requester. In other words, the FireWire controller can be configured to work as a bus bridge between FireWire bus and local bus (PCI or PCIe). And yes, there are security implications. [...] > +The OHCI-1394 drivers in drivers/firewire and drivers/ieee1394 initialize > +the OHCI-1394 controllers to a working state and can be used to enable > +physical DMA. By default you only have to load the driver, and physical > +DMA access will be granted to all remote nodes, but it can be turned off > +when using the ohci1394 driver. This is correct for ohci1394, and it's a bug. http://bugzilla.kernel.org/show_bug.cgi?id=7794 firewire-ohci however implements filtered physical DMA. The only user of that is the firewire-sbp2 driver which grants SBP-2 targets access through the physical response unit. firewire-ohci has at the moment no option for either unfiltered physical DMA (as needed by firescope at al, tracked at http://wiki.linux1394.org/ToDo) nor to completely disable physical DMA. -- Stefan Richter -=====-=-=== ==-- --==- http://arcgraph.de/sr/ -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists