lists.openwall.net
Open Source and information security mailing list archives
Message-ID: <20191107125638.GB15642@1wt.eu>
Date:   Thu, 7 Nov 2019 13:56:38 +0100
From:   Willy Tarreau <w@....eu>
To:     hpa@...or.com
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...nel.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        LKML <linux-kernel@...r.kernel.org>,
        the arch/x86 maintainers <x86@...nel.org>,
        Stephen Hemminger <stephen@...workplumber.org>,
        Juergen Gross <jgross@...e.com>,
        Sean Christopherson <sean.j.christopherson@...el.com>
Subject: Re: [patch 5/9] x86/ioport: Reduce ioperm impact for sane usage further

On Thu, Nov 07, 2019 at 02:50:20AM -0800, hpa@...or.com wrote:
> You get access to the ports you are assigned, just like pages you are
> assigned... the rest is kernel policy, or, for that matter, privileged
> userspace (get permissions to the necessary ports, then drop privilege... the
> usual stuff.)

I agree, my point is that there's already no policy checking at the
moment ports are assigned, hence a process having the permissions to
request just port 0x70-0x71 to read the hwclock will also have permission
to request access to the sensor chip at 0x2E and trigger a watchdog
reset or stop the CPU fan. Thus any policy enforcement is solely done
by the requesting process itself, assuming it doesn't simply use iopl()
already, which grants everything.

This is why I'm really wondering if the real use cases that need all
this stuff still exist at all in practice.

Willy
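Added example, not code from this thread or from the patch series under discussion: the "get permissions to the necessary ports, then drop privilege" pattern hpa describes, written with ioperm(2) rather than iopl() (which would grant every port), and with the process-side allow-list that Willy notes is the only thing standing between a hwclock reader and port 0x2E. The allow-list contents, the drop to uid/gid 65534, the helper names and the CMOS register read are assumptions of this example. Linux/x86 only; ioperm(2) needs CAP_SYS_RAWIO, so an unprivileged run fails at setup with EPERM, and the policy check can be exercised without privilege.

```c
/* Added example (not code from the thread or the kernel tree).
 * Request I/O port access for exactly the RTC/CMOS index+data ports
 * (0x70/0x71), enforce an in-process allow-list before calling ioperm(),
 * drop root permanently, then read one CMOS register.
 */
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
#if defined(__linux__) && (defined(__x86_64__) || defined(__i386__))
#include <sys/io.h>
#define HAVE_IOPERM 1
#else
#define HAVE_IOPERM 0
#endif

/* The kernel does not check which ports a CAP_SYS_RAWIO process asks for,
 * so this table is the process's own policy (hypothetical values for this
 * example). */
struct port_range { unsigned short base; unsigned short len; };
static const struct port_range allowed[] = {
    { 0x70, 2 },   /* CMOS/RTC index and data ports */
};

/* Return 1 if [base, base+len) lies entirely inside one allowed range. */
int port_request_allowed(unsigned long base, unsigned long len)
{
    if (len == 0 || base + len > 0x10000)   /* ioperm() covers ports below 0x10000 */
        return 0;
    for (size_t i = 0; i < sizeof allowed / sizeof allowed[0]; i++) {
        unsigned long lo = allowed[i].base, hi = lo + allowed[i].len;
        if (base >= lo && base + len <= hi)
            return 1;
    }
    return 0;
}

/* Apply the self-check, request the ports, then drop root for good.
 * Returns 0 on success, -errno on failure. */
int acquire_ports_and_drop_root(unsigned long base, unsigned long len,
                                uid_t uid, gid_t gid)
{
    if (!port_request_allowed(base, len))
        return -EACCES;           /* refused before the kernel is even asked */
#if HAVE_IOPERM
    if (ioperm(base, len, 1) != 0)
        return -errno;            /* EPERM without CAP_SYS_RAWIO */
#else
    return -ENOSYS;
#endif
    /* Order matters: supplementary groups, then gid, then uid last so the
     * drop cannot be undone. The per-task port bitmap survives setuid(). */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -errno;
    if (setuid(0) == 0)           /* must fail if the drop was real */
        return -EPERM;
    return 0;
}

#if HAVE_IOPERM
/* Read one CMOS register through the 0x70/0x71 index/data pair. Bit 7 of
 * the index is the NMI-disable bit, so it is kept clear here. */
static unsigned char cmos_read(unsigned char reg)
{
    outb(reg & 0x7f, 0x70);
    return inb(0x71);
}
#endif

int main(void)
{
    int rc = acquire_ports_and_drop_root(0x70, 2, 65534, 65534); /* nobody */
    if (rc < 0) {
        fprintf(stderr, "setup failed: %s\n", strerror(-rc));
        return 1;
    }
#if HAVE_IOPERM
    printf("CMOS register 0x00 (seconds): 0x%02x\n", cmos_read(0x00));
#endif
    /* The point made in the thread: nothing in the kernel would stop this
     * same process from asking for 0x2E too; only the table above does. */
    printf("0x2E allowed by our own policy: %d\n", port_request_allowed(0x2e, 2));
    return 0;
}
```

The allow-list is checked before ioperm() is called rather than after, so a compromised or buggy code path that tries to widen its port set is refused in-process; that check is the whole policy, which is the thread's point. Run as root (or with CAP_SYS_RAWIO) to see the CMOS read; run unprivileged to see the EPERM from ioperm(2).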
