| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87tx4op8s5.fsf@tassilo.jf.intel.com> Date: Wed, 03 Sep 2014 16:46:18 -0700 From: Andi Kleen <andi@...stfloor.org> To: "H. Peter Anvin" <h.peter.anvin@...el.com> Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...nel.org>, Thomas Gleixner <tglx@...utronix.de>, Matthew Garrett <mjg59@...f.ucam.org> Subject: Re: RFC: Tainting the kernel on raw I/O access "H. Peter Anvin" <h.peter.anvin@...el.com> writes: > In a meeting earlier today, we discussed MSR access and that it could be > used to do bad things. The same applies to other forms of raw I/O > (/dev/mem, /dev/port, ioperm, iopl, etc.) I don't think it makes sense to use the taint flags as a security mechanism. They would be a very poor (and likely by itself insecure) one. As for the original purpose of taints, I'm not aware of any problems with MSR access or port IO causing excessive kernel oops reports. Are you? If there are none I don't think it makes sense. At least personally I use MSR accesses quite frequently for benign purposes. -Andi -- ak@...ux.intel.com -- Speaking for myself only -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists