lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070914174028.GC8998@8bytes.org>
Date:	Fri, 14 Sep 2007 19:40:28 +0200
From:	Joerg Roedel <joro@...tes.org>
To:	Manu Abraham <abraham.manu@...il.com>
Cc:	Markus Rechberger <mrechberger@...il.com>,
	"linux-dvb@...uxtv.org" <linux-dvb@...uxtv.org>,
	"video4linux-list@...hat.com" <video4linux-list@...hat.com>,
	"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [linux-dvb] [PATCH] Userspace tuner

On Fri, Sep 14, 2007 at 08:56:40PM +0400, Manu Abraham wrote:
> 
> I do understand that (an earlier reply from Grant Grundler on the same
> [1], while working on something else), but that wasn't exactly what i
> was getting at. The bridges are in fact tied up with a certain CPU class.
> 
> Though your argument holds true: "secure userpsace device drivers can be
> implemented with modern hardware" There is a large flaw in it. (From an
> academic POV, you are correct)
> 
> Now, if all the drivers were to depend on that certain feature, what
> happens to all other CPU class users ? Looking at a pile of CPU's being
> used, also not to forget that devices such as STB's use even very small
> embedded CPU's such as the PPC405 Vulcan based [2] to mobile devices
> such as mobile phones using ARM, Xtensa [3], OMAP CPU's/platforms, which
> do not in any way use the bridges nor the CPU class which you however
> mention.

This is true. These platforms do not (and afaik will not) have an
IOMMU and thus its impossible to implement a secure userspace driver
interface that supports DMA. In general, IOMMUs are only expected on
platforms which implement virtualization, have a processor address space
larger than the io address space or both.

> So .. we are looking at a small segment, ie. a subset of the PC users
> even, even if the larger segments like STB's can be ignored. This would
> mean that only a small subset of users using a certain CPU class can use
> those drivers (eventhough the devices themselves don't have that
> limitation, the limitation being the implementation of the driver
> alone), which is absurd.

This is also true. But looking at the current development of
virtualization in hardware on the PC market (and also the increasing
amount of main memory) makes me sure that in a few years every new sold
_PC_ will haven an IOMMU inside. But the problems with the other
platforms or older hardware will certainly remain.

Joerg
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ