lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <11912.1200005441@turing-police.cc.vt.edu>
Date:	Thu, 10 Jan 2008 17:50:41 -0500
From:	Valdis.Kletnieks@...edu
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	"Pallipadi, Venkatesh" <venkatesh.pallipadi@...el.com>, ak@....de,
	ebiederm@...ssion.com, rdreier@...co.com, gregkh@...e.de,
	airlied@...net.ie, davej@...hat.com, mingo@...e.hu,
	tglx@...utronix.de, akpm@...ux-foundation.org, arjan@...radead.org,
	"Barnes, Jesse" <jesse.barnes@...el.com>, davem@...emloft.net,
	linux-kernel@...r.kernel.org,
	"Siddha, Suresh B" <suresh.b.siddha@...el.com>
Subject: Re: [patch 02/11] PAT x86: Map only usable memory in x86_64 identity map and kernel text

On Thu, 10 Jan 2008 14:15:25 PST, Linus Torvalds said:

> Well, I think that /dev/mem should simply give them the right info. That's 
> what people use /dev/mem for - doing things like reading BIOS images etc. 
> 
> So returning *either* a zero page *or* stopping at the first hole is both 
> equally wrong. 

A case could be made that the /dev/mem driver should at *least* prohibit access
to those memory ranges that the kernel already knows have (or might have)
memory-mapped control registers with Bad Juju side-effects attached to them.

Of course, a case could also be made that it should be permitted, because
anybody who tries to read such memory addresses either (a) knows what they're
doing or (b) is about to become an example of evolution in action... ;)

(Personally, I keep a copy of Arjan's "restrict devmem" patch from Fedora
around, so I guess that says which camp I belong in, and the fact it's a Fedora
patch and not mainstream says something too...)


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ