| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 13 Jan 2008 10:41:24 -0800 From: Arjan van de Ven <arjan@...radead.org> To: Loic Prylli <loic@...i.com> Cc: Ivan Kokshaysky <ink@...assic.park.msu.ru>, Greg KH <greg@...ah.com>, Matthew Wilcox <matthew@....cx>, Linus Torvalds <torvalds@...ux-foundation.org>, Greg KH <gregkh@...e.de>, linux-kernel@...r.kernel.org, Jeff Garzik <jeff@...zik.org>, linux-pci@...ey.karlin.mff.cuni.cz, Benjamin Herrenschmidt <benh@...nel.crashing.org>, Martin Mares <mj@....cz>, Tony Camuso <tcamuso@...hat.com> Subject: Re: [Patch v2] Make PCI extended config space (MMCONFIG) a driver opt-in On Sun, 13 Jan 2008 13:23:35 -0500 Loic Prylli <loic@...i.com> wrote: Matthew pointed a patch that basically does what you suggested; only one comment on your mail left after that: > > 2) the pci_enable_ext_config() function and dev->ext_cfg_space field, > sysfs interface should be removed from the patch. There has never > been a problem reporting crashes or any undefined behaviour while > trying to access ext-conf-space, all the problems where *using > mmconfig to access legacy-conf-space*. This entirely misses the point of why I made the patch. The point is NOT that devices are buggy. The point is that right now, 99.99% of the machines out there do NOT need extended config space (no matter how it gets accessed), yet at the same time they suffered from it's issues for... what 2 years now? The point of my patch was to make people who don't need extended config space, not have to deal with it anymore. Note: There is not a 100% overlap between "need" and "will not be used in the patches that use legacy for < 256". In the other patches posted, extended config space will be used in cases where it won't be with my patch. (Most obvious one is an "lspci -vx" from automated scripts). Is that a problem? We've had 2 years of mess, with one not-enough patch after another. There still are problems TODAY (eg im 2.6.24-rc7). The patch that falls back to an alternative method for below 256 is no doubt a step in the right direction. (although I'm not all that happy about mixing access types, it's not provably incorrect) Is it enough? I'm not sure. Only time can tell I suppose, but the risk side is that if it is not enough, users who don't need the extended config space for functionality will suffer the bugs AGAIN. So in short, my approach was NOT about "fix PCI", it is about "fix the user experience". It's a stopgap for sure, until the underlying mechanism gets reliable. It's been 2 years..... maybe this next step is "it", maybe it isn't. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists