From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (146.0.238.70:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 25 Feb 2019 18:10:27 -0000 Received: from mga05.intel.com ([192.55.52.43]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1gyKhu-00058Q-Ep for speck@linutronix.de; Mon, 25 Feb 2019 19:10:26 +0100 Date: Mon, 25 Feb 2019 10:10:23 -0800 From: Andi Kleen Subject: [MODERATED] Re: [PATCH v6 39/43] MDSv6 Message-ID: <20190225181023.GW16922@tassilo.jf.intel.com> References: <4e5e24fd0c2111686f32a55581efa5070cf0a160.1551019522.git.ak@linux.intel.com> <20190225152654.GB19947@kroah.com> <20190225162825.GR16922@tassilo.jf.intel.com> <20190225164729.GA10883@kroah.com> <20190225170503.GU16922@tassilo.jf.intel.com> <20190225174936.GA3230@kroah.com> MIME-Version: 1.0 In-Reply-To: <20190225174936.GA3230@kroah.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: > You obviously do not care about all bus data, only some. So which > "some"? As we have class drivers, why not focus on the type of data you For most drivers anything that would end up being copy_*_user()ed. (modulo some corner cases like a network address. While I would like to protect those too, I don't see a practical way to do so. And they're already visible on the network) > feel is an issue? That way you have a chance to keep on top of this > thing. Ok so the problem is the terminology? We should call it sensitive data? I'll not be able to list all the cases explicitely in the document (this would require understanding all drivers and all subsystems which I certainly don't), there has to be some discretion. > If you only focus on a bus, then you will miss those types of things > that do not use a bus. If you focus on the type of data, then you have > a chance to do this right. I wasn't really looking for busses, or anything like that, mainly just going through the code and looking for copies or direct data access. -Andi