lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZpkQQ5GzJ4atvR6a@casper.infradead.org>
Date: Thu, 18 Jul 2024 13:53:23 +0100
From: Matthew Wilcox <willy@...radead.org>
To: Christoph Hellwig <hch@...radead.org>
Cc: Mary Strodl <mstrodl@...edom.csh.rit.edu>,
	Mary Strodl <mstrodl@....rit.edu>, linux-kernel@...r.kernel.org,
	akpm@...ux-foundation.org, urezki@...il.com, linux-mm@...ck.org,
	lee@...nel.org, andi.shyti@...nel.org, linux-i2c@...r.kernel.org,
	s.hauer@...gutronix.de, christian.gmeiner@...il.com
Subject: Re: [PATCH 1/3] mm: vmalloc: export __vmalloc_node_range

On Thu, Jul 18, 2024 at 05:49:14AM -0700, Christoph Hellwig wrote:
> On Thu, Jul 18, 2024 at 01:45:11PM +0100, Matthew Wilcox wrote:
> > On Thu, Jul 18, 2024 at 08:40:27AM -0400, Mary Strodl wrote:
> > > On Wed, Jul 17, 2024 at 08:04:01PM -0700, Christoph Hellwig wrote:
> > > > NAK to a driver creating random writable and exectutable memory:
> > > 
> > > Is there a better way to do what I'm trying to do? Or some way to
> > > expose this functionality with more guard rails so that it's a
> > > little bit safer?
> > 
> > No, there is no way to do what you're trying to do.
> 
> IFF it is absolutely required to run BIOS provided executable code,
> the best way to do that is in a separate userspace process.

That does work, but I would assume that since this BIOS exists to
communicate with the hardware that it'd need various special privileges
and that running in ring 3 would not work.

Ultimately, better off running the whole thing inside a VM and passing
the device through to the guest.  Or ignoring the BIOS entirely and
implementing direct access to the hardware.  But neither of these
approaches is "a way to do what I'm trying to do", they're entirely
different approaches to making this hardware work.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ