lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 13 Sep 2010 21:45:49 -0400
From:	Valdis.Kletnieks@...edu
To:	Samuel Thibault <Samuel.Thibault@...-lyon.org>
Cc:	Shérab <Sebastien.Hinderer@...-lyon.org>,
	"H. Peter Anvin" <hpa@...or.com>, Len Brown <lenb@...nel.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>, x86@...nel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	Frederic Weisbecker <fweisbec@...il.com>,
	Andres Salomon <dilinger@...ued.net>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] x86: EuroBraille/Iris power off

On Mon, 13 Sep 2010 17:22:49 +0200, Samuel Thibault said:

> Again, I'm not sure we really should try hard to make it automatically
> detected (and thus always enabled).  Having to pass a kernel parameter
> to enable the functionality is completely fine, since installing Linux
> on this device requires quite some tinkering already.

I'm agreeing that if iris_init() checks that the user passed 'irisinit.force=1'
on the command line or as a module parameter, and bailed immediately if it
wasn't passed, then doing the inb() and testing it should be safe enough. Doing
stuff that's only known safe on an Iris is no great sin if the user has said
"Yes, you're on a Iris" - at that point it's the user's fault.

static int iris_init(void)
{
	unsigned char status;

	if (!irisinit.force) return; /* or whatever the appropriate test is */

	status = inb(IRIS_GIO_INPUT);
	if (status == IRIS_GIO_NODEV) {
		printk(KERN_ERR "This machine does not seem to be an Iris. Power_off handler not installed.\n");
		return -ENODEV;
	}

That look safe enough to everybody?  That way, even if a distro turns on every
CONFIG_FOO that compiles (you guys know who you are ;), it should still DTRT on
all platforms.


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ