lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 1 Dec 2020 13:44:07 +0800
From:   wangrongwei <rongwei.wang@...ux.alibaba.com>
To:     Will Deacon <will@...nel.org>
Cc:     catalin.marinas@....com, bjorn.andersson@...aro.org,
        shawnguo@...nel.org, vkoul@...nel.org, geert+renesas@...der.be,
        Anson.Huang@....com, michael@...le.cc, krzk@...nel.org,
        olof@...om.net, vincenzo.frascino@....com, ardb@...nel.org,
        masahiroy@...nel.org, gshan@...hat.com,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/3] arm64:msr: Add MSR driver

Hi, Will
Thanks for your reply!
There are absolutely privileged registers, and seriously expose the interface directly! 
However, these interfaces (/dev/cpu/<N>/msr) need permissions to access, so there should be few security issues. In addition, it may be due to my unclear description above. This driver is mainly a debugging tool. It make developers can easily get the values of some system registers without modifying the kernel.
In fact, we first considered the /dev/mem solution, but it seems that /dev/mem can map peripheral or IO registers, but not system registers.

> 2020年12月1日 上午1:57,Will Deacon <will@...nel.org> 写道:
> 
> On Tue, Dec 01, 2020 at 01:48:30AM +0800, Rongwei Wang wrote:
>> MSR ARM driver aims to provide interfacs for user to read or write data to all
>> system registers. Its functions is same as MSR driver (x86 platform). It mainly
>> depends on kprobe and undef exception to read or write system registers
>> dynamicly.
> 
> ... but why? These are privileged registers for a reason, and giving
> userspace access to them is bound to cause serious problems. Why can't we
> do whatever it is that userspace is trying to do by poking these things in
> the kernel instead? This interface is a bit like using /dev/mem instead of
> writing a proper device driver.
> 
> Thanks,
> 
> Will

Powered by blists - more mailing lists