lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 Dec 2020 13:44:07 +0800 From: wangrongwei <rongwei.wang@...ux.alibaba.com> To: Will Deacon <will@...nel.org> Cc: catalin.marinas@....com, bjorn.andersson@...aro.org, shawnguo@...nel.org, vkoul@...nel.org, geert+renesas@...der.be, Anson.Huang@....com, michael@...le.cc, krzk@...nel.org, olof@...om.net, vincenzo.frascino@....com, ardb@...nel.org, masahiroy@...nel.org, gshan@...hat.com, linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 0/3] arm64:msr: Add MSR driver Hi, Will Thanks for your reply! There are absolutely privileged registers, and seriously expose the interface directly! However, these interfaces (/dev/cpu/<N>/msr) need permissions to access, so there should be few security issues. In addition, it may be due to my unclear description above. This driver is mainly a debugging tool. It make developers can easily get the values of some system registers without modifying the kernel. In fact, we first considered the /dev/mem solution, but it seems that /dev/mem can map peripheral or IO registers, but not system registers. > 2020年12月1日 上午1:57,Will Deacon <will@...nel.org> 写道: > > On Tue, Dec 01, 2020 at 01:48:30AM +0800, Rongwei Wang wrote: >> MSR ARM driver aims to provide interfacs for user to read or write data to all >> system registers. Its functions is same as MSR driver (x86 platform). It mainly >> depends on kprobe and undef exception to read or write system registers >> dynamicly. > > ... but why? These are privileged registers for a reason, and giving > userspace access to them is bound to cause serious problems. Why can't we > do whatever it is that userspace is trying to do by poking these things in > the kernel instead? This interface is a bit like using /dev/mem instead of > writing a proper device driver. > > Thanks, > > Will
Powered by blists - more mailing lists