From: "H. Peter Anvin" <hpa@zytor.com>
To: Alex Henrie <alexhenrie24@gmail.com>,
Kees Cook <keescook@chromium.org>,
Doug Johnson <dougvj@gmail.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>,
Tyler Hicks <tyhicks@canonical.com>,
Al Viro <viro@zeniv.linux.org.uk>,
linux-kernel@vger.kernel.org
Subject: Re: Fwd: ioperm is preserved across fork and execve, but iopl is not
Date: Mon, 11 May 2015 13:56:34 -0700
Message-ID: <55511782.30303@zytor.com>
In-Reply-To: <CAMMLpeRZ-ApD82V6+psii+Yd1JprNwKNi_EDtkDHseKDKzX-mQ@mail.gmail.com>

On 05/11/2015 01:49 PM, Alex Henrie wrote:
>
> The ioperm and iopl calls are both used to grant a process permission
> to access I/O devices directly. iopl(3) is equivalent to ioperm(0,
> 0xFFFF, 1). However, permissions granted through ioperm are preserved
> across fork and execve, and permissions granted through iopl are not.
> This makes no sense: The two calls do the same thing, so there is no
> security benefit to dropping one on fork or execve but not the other.
>

They don't, in fact. An iopl(3) process is allowed to disable
interrupts in user space, which an ioperm() process is not.

This is a HUGE deal. This really makes me wonder if iopl(3) should be
allowed at all, or if we should just intercept it and treat it as ioperm().

-hpa
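
The distinction drawn in the reply above, as a small model added here for illustration (it is not part of the original message and is not kernel code): ioperm() only edits the per-task I/O permission bitmap, while iopl() raises EFLAGS.IOPL, which is also the field the CPU checks for CLI/STI. The struct and function names are hypothetical, and the model assumes a CPL 3 task in protected mode with VME/PVI ignored.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NPORTS 65536

/* Simplified per-task state the x86 CPU consults (illustrative names). */
struct task_io {
    unsigned iopl;               /* EFLAGS.IOPL (bits 12-13), 0..3 */
    uint8_t bitmap[NPORTS / 8];  /* TSS I/O bitmap: bit set = port denied */
};

/* Fresh user task: IOPL 0, every port denied. */
static void task_init(struct task_io *t) {
    t->iopl = 0;
    memset(t->bitmap, 0xff, sizeof t->bitmap);
}

/* Model of ioperm(from, num, turn_on): touches bitmap bits only. */
static void model_ioperm(struct task_io *t, unsigned from, unsigned num, bool on) {
    for (unsigned p = from; p < from + num && p < NPORTS; p++) {
        if (on) t->bitmap[p / 8] &= (uint8_t)~(1u << (p % 8));
        else    t->bitmap[p / 8] |= (uint8_t)(1u << (p % 8));
    }
}

/* Model of iopl(level): touches EFLAGS.IOPL only. */
static void model_iopl(struct task_io *t, unsigned level) { t->iopl = level & 3; }

/* IN/OUT of `width` bytes at `port`, executed at privilege level `cpl`. */
static bool port_io_allowed(const struct task_io *t, unsigned cpl, unsigned port, unsigned width) {
    if (cpl <= t->iopl) return true;  /* bitmap is not consulted at all */
    for (unsigned p = port; p < port + width; p++)
        if (p >= NPORTS || (t->bitmap[p / 8] & (1u << (p % 8)))) return false;
    return true;
}

/* CLI/STI are gated by IOPL alone; the bitmap plays no part. */
static bool cli_sti_allowed(const struct task_io *t, unsigned cpl) { return cpl <= t->iopl; }

static struct task_io via_ioperm, via_iopl;  /* the two tasks being compared */

static void build_tasks(void) {
    task_init(&via_ioperm); model_ioperm(&via_ioperm, 0, 0xFFFF, true);
    task_init(&via_iopl);   model_iopl(&via_iopl, 3);
}

int main(void) {
    build_tasks();
    printf("ioperm(0,0xFFFF,1): out 0x80=%d cli/sti=%d\n",
           port_io_allowed(&via_ioperm, 3, 0x80, 1), cli_sti_allowed(&via_ioperm, 3));
    printf("iopl(3):            out 0x80=%d cli/sti=%d\n",
           port_io_allowed(&via_iopl, 3, 0x80, 1), cli_sti_allowed(&via_iopl, 3));
    return 0;
}
```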