From: Prarit Bhargava <prarit@redhat.com>
To: Matt Wilson <msw@amazon.com>
Cc: linux-kernel@vger.kernel.org, Clemens Ladisch <clemens@ladisch.de>
Subject: Re: [PATCH] hpet, allow user controlled mmap for user processes
Date: Thu, 12 Sep 2013 20:00:59 -0400 [thread overview]
Message-ID: <523255BB.7050109@redhat.com> (raw)
In-Reply-To: <20130829060151.GA7439@u109add4315675089e695.ant.amazon.com>
On 08/29/2013 02:01 AM, Matt Wilson wrote:
> On Fri, Mar 22, 2013 at 09:32:54AM -0400, Prarit Bhargava wrote:
>> The CONFIG_HPET_MMAP Kconfig option exposes the memory map of the HPET
>> registers to userspace. The Kconfig help points out that in some cases this
>> can be a security risk as some systems may erroneously configure the map such
>> that additional data is exposed to userspace.
>>
>> This is a problem for distributions -- some users want the MMAP functionality
>> but it comes with a significant security risk. In an effort to mitigate this
>> risk, and due to the low number of users of the MMAP functionality, I've
>> introduced a kernel parameter, hpet_mmap_enable, that is required in order
>> to actually have the HPET MMAP exposed.
>>
>> [v2]: Clemens suggested modifying the Kconfig help text and making the
>> default setting configurable.
>> [v3]: Fixed up Documentation and Kconfig entries, default now "Y"
>> [v4]: After testing, found that I need to modify CONFIG_HPET_MMAP_DEFAULT usage
>>
>> Signed-off-by: Prarit Bhargava <prarit@redhat.com>
>> Cc: Clemens Ladisch <clemens@ladisch.de>
>> ---
>> Documentation/kernel-parameters.txt | 4 ++++
>> drivers/char/Kconfig | 9 +++++++--
>> drivers/char/hpet.c | 25 +++++++++++++++++++++++--
>> 3 files changed, 34 insertions(+), 4 deletions(-)
>
> It doesn't seem like this patch got picked up and seems like a good
> idea to me. Clemens, what do you think?
>
> Acked-by: Matt Wilson <msw@amazon.com>
>
Clemens? I didn't see a reply...
P.
next prev parent reply other threads:[~2013-09-13 0:01 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-15 20:00 [PATCH] hpet, allow user controlled mmap for user processes Prarit Bhargava
2013-03-16 9:54 ` Clemens Ladisch
2013-03-18 12:24 ` Prarit Bhargava
2013-03-19 7:43 ` Clemens Ladisch
2013-03-19 14:21 ` Prarit Bhargava
2013-03-19 14:51 ` Clemens Ladisch
2013-03-22 13:32 ` Prarit Bhargava
2013-08-29 6:01 ` Matt Wilson
2013-09-13 0:00 ` Prarit Bhargava [this message]
2013-09-29 20:28 ` [PATCH] hpet: " Clemens Ladisch
2013-03-19 14:49 ` [PATCH] hpet, " Prarit Bhargava
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=523255BB.7050109@redhat.com \
--to=prarit@redhat.com \
--cc=clemens@ladisch.de \
--cc=linux-kernel@vger.kernel.org \
--cc=msw@amazon.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.