lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 16 Jul 2006 19:53:14 +0100
From:	Russell King <rmk+lkml@....linux.org.uk>
To:	Albert Cahalan <acahalan@...il.com>
Cc:	Kyle Moffett <mrmacman_g4@....com>, dwmw2@...radead.org,
	arjan@...radead.org, maillist@...55.com, ralf@...ux-mips.org,
	linux-kernel@...r.kernel.org, davem@...emloft.net
Subject: Re: 2.6.18 Headers - Long

On Sun, Jul 16, 2006 at 02:38:45PM -0400, Albert Cahalan wrote:
> On 7/16/06, Kyle Moffett <mrmacman_g4@....com> wrote:
> >On Jul 15, 2006, at 17:09:28, Albert Cahalan wrote:
> 
> >You realize that on a couple architectures it's fundamentally
> >impossible to get atomic ops completely in userspace, right?
> 
> Sure. Those architectures don't need to drag down the rest.
> Plenty of headers are only exported for some architectures.

Wrong perspective.  The problem is that they may _appear_ to work as
described, but not actually work in the intended way.  That's a bug,
and it's a _hard_ bug to locate.

> (Well actually, such architectures could just give apps a
> writable flag to disable the scheduler -- this is acceptable
> for the embedded things these architectures are used for.

Cloud cuckoo land.  In the embedded world, there are folk still want
to have the security aspects as well.  Moreover, there are far more
folk who do _NOT_ want to have things like "disable the scheduler" -
think the realtime folk.

> It's not as if the app developers would care to support
> those architectures anyway.

That's actually more of a reason to take away the toys they shouldn't
be playing with in the first place - the only reason these (wrong)
interfaces are being used is because they're easily accessible.  Had
they _never_ been visible to userspace, no one would've attempted to
use them in the first place.

So, take away the "easily accessible" bit on the common architectures
and they'll find different ways to meet their needs.  Hopefully, that
will be some portable solution instead of one where racy code goes by
unnoticed.  If it isn't, at least there will be build errors to tell
you something needs to be fixed (probably from the assembler!)

-- 
Russell King
 Linux kernel    2.6 ARM Linux   - http://www.arm.linux.org.uk/
 maintainer of:  2.6 Serial core
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ