| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 20 Jun 2011 18:40:45 +0200 From: Ingo Molnar <mingo@...e.hu> To: "H. Peter Anvin" <hpa@...or.com> Cc: Ryan Mallon <rmallon@...il.com>, Petr Tesarik <ptesarik@...e.cz>, Andrew Morton <akpm@...ux-foundation.org>, Fenghua Yu <fenghua.yu@...el.com>, Ingo Molnar <mingo@...hat.com>, Paul Mundt <lethal@...ux-sh.org>, Russell King <linux@....linux.org.uk>, Thomas Gleixner <tglx@...utronix.de>, Tony Luck <tony.luck@...el.com>, x86@...nel.org, linux-arm-kernel@...ts.infradead.org, linux-ia64@...r.kernel.org, linux-sh@...r.kernel.org, linux-kernel@...r.kernel.org, Arjan van de Ven <arjan@...radead.org>, Dave Jones <davej@...hat.com>, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses * H. Peter Anvin <hpa@...or.com> wrote: > On 06/20/2011 12:41 AM, Ingo Molnar wrote: > > > > * H. Peter Anvin <hpa@...or.com> wrote: > > > >> There are some test drivers which really want /dev/mem to work. > > > > Test drivers and test hardware with zero enumeration can use below 4G > > addresses just fine. > > > > Also, debugging is not an issue and some non-default kernel or boot > > option can enable any sort of device i guess, so my main worry isnt > > really security but that we should stand in the way of the apparent > > practice of *shipping* user-space drivers that use /dev/mem ... > > > > We should either fix /dev/mem to work according to its > specification or rip it out. The issue with test drivers is not > spurious... I ran into this one myself a few weeks ago while trying > to do a memory test (by limiting the amount of memory available to > the kernel). This is something that is typically done on factory > floors, and it would be nice to be able to get those environments > over to using Linux. There is no reason why they couldnt use a .config option or a boot option to get their weird stuff going, which weird stuff also happens to be useful. What i'm somewhat against is having this enabled by default for weird stuff that also happens to be harmful - and the fact that it never worked over 4G physical gives us the perfect opportunity to do just that. Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists