| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 Mar 2019 21:20:28 +0530
From: Gaurav Kohli <gkohli@...eaurora.org>
To: Srinivas Kandagatla <srinivas.kandagatla@...aro.org>,
linux-kernel@...r.kernel.org
Cc: linux-arm-msm@...r.kernel.org
Subject: Re: [PATCH v2] nvmem: core: Set no-read-write provider to avoid
userspace read/write
On 3/20/2019 8:04 PM, Srinivas Kandagatla wrote:
>
>
> On 17/03/2019 14:12, Gaurav Kohli wrote:
>> Current nvmem framework allows user space to read all register space
>> populated by nvmem binary file, In case we don't want to expose value
>> of registers to userspace and only want kernel space to read cell
>> value from nvmem_cell_read_u32.
>>
>> To protect the same, Add no-read-write property to prevent read
>> from userspace.
>>
>
> Can you explain the real need of this?
> Is there any issue you are noticing while reading nvmem content from
> userspace?
>
Hi Srinivas,
No, We are not observing any issue, nvmem is dumping the data properly.
But there are certain register, which we don't want to expose to user
space and want kernel space can only read via nvmem_cell_read.
In existing design, even if we read cell from kernel space, nvmem binary
files is still populated to user space unconditionally.
Regards
Gaurav
> I don't think this is the right way to do this, its misleading in many
> ways. Also this should not be a part of DT binding.
>
> If we decide that we need this feature, then better way to do this
> using a new Kernel config.
>
> thanks,
> srini
-- Qualcomm India Private Limited, on behalf of Qualcomm Innovation
Center, Inc. is a member of the Code Aurora Forum, a Linux Foundation
Collaborative Project.
Powered by blists - more mailing lists