Re: [PATCH] Add user taint flag

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Theodore Tso <tytso@mit.edu>
To: Arjan van de Ven <arjan@infradead.org>
Cc: akpm@osdl.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] Add user taint flag
Date: Mon, 22 May 2006 21:11:23 -0400	[thread overview]
Message-ID: <20060523011123.GA32164@thunk.org> (raw)
In-Reply-To: <1148307276.3902.71.camel@laptopd505.fenrus.org>

On Mon, May 22, 2006 at 04:14:36PM +0200, Arjan van de Ven wrote:
> On Sun, 2006-05-21 at 19:04 -0400, Theodore Ts'o wrote:
> > Allow taint flags to be set from userspace by writing to
> > /proc/sys/kernel/tainted, and add a new taint flag, TAINT_USER, to be
> > used when userspace is potentially doing something naughty that might
> > compromise the kernel. 
> 
> we should then patch the /dev/mem driver or something to set this :)
> (well and possibly give it an exception for now for PCI space until the
> X people fix their stuff to use the proper sysfs stuff)

It may make sense to have an explicit taint flag which means direct
access to memory, via /dev/mem or otherwise, with exceptions for I/O
mapped memory not claimed by a device driver (and of course X until it
is fixed, or never, whichever comes first).

As I've mentioned, the original reason why I did this was because I
needed to mmap physical memory, which at the time when I originally
did things, /dev/mem didn't support except for the I/O mapped memory
range, and I assumed that any attempt to enhance /dev/mem's mmap()
capabilities in a patch intended for mainline wouldn't be looked at as
a friendly act.  In fact, I was so unhappy about being forced by the
RTSJ specification to do this insane thing that I wanted to make sure
that if it were ever used, it would set a TAINT flag to warn people
that just about anything unsane could have happened, and the system's
stability was at the mercy of the competence of Java application
programmers.  :-)

						- Ted

next prev parent reply	other threads:[~2006-05-23  1:11 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-05-21 23:04 [PATCH] Add user taint flag Theodore Ts'o
2006-05-22 10:36 ` Andrew Morton
2006-05-22 18:33   ` Theodore Tso
2006-05-22 23:49     ` Nick Piggin
2006-05-24 13:43   ` Stefan Seyfried
2006-05-22 12:17 ` Stephen C. Tweedie
2006-05-22 14:14 ` Arjan van de Ven
2006-05-22 14:35   ` Alan Cox
2006-05-22 14:29     ` Valdis.Kletnieks
2006-05-22 18:56       ` Jan Engelhardt
2006-05-22 14:37     ` Arjan van de Ven
2006-05-23  1:11   ` Theodore Tso [this message]
2006-05-22 15:48 ` Randy.Dunlap
2006-05-23 18:45 ` Greg KH
2006-05-24 13:39   ` Theodore Tso
2006-05-24 13:55     ` Dave Jones
2006-05-24 14:15       ` Dave Jones
2006-05-25 15:01     ` Greg KH

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20060523011123.GA32164@thunk.org \
    --to=tytso@mit.edu \
    --cc=akpm@osdl.org \
    --cc=arjan@infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.