From: Bjorn Helgaas <bjorn.helgaas@hp.com>
To: linux-ia64@vger.kernel.org
Subject: Re: [RFC] prevent "dd if=/dev/mem" crash
Date: Mon, 20 Oct 2003 15:17:10 +0000 [thread overview]
Message-ID: <marc-linux-ia64-106666338406789@msgid-missing> (raw)
In-Reply-To: <marc-linux-ia64-106642876514553@msgid-missing>
On Friday 17 October 2003 6:21 pm, David Mosberger wrote:
> What about memory-mapped device registers? Isn't all memory
> physically contiguous on x86 and that's why the "p >> __pa(high_memory)" test saves you from that?
As others have mentioned, using read/write on /dev/mem to get at
memory-mapped registers is unlikely to work on ia64 anyway, because
read/write use cacheable mappings. Using mmap does work (using
uncacheable mappings), and my patch doesn't change that path.
> >> On ia64, a read to non-existent physical memory causes the processor
> >> to time out and take a machine check. I'm not sure it's even possible
> >> to recover from that.
>
> Andrew> ick. That would be very poor form.
>
> Reasonable people can disagree on that. One philosophy states that if
> your kernel touches random addresses, it's better to signal a visible
> error (machine-check) than to risk silent data corruption.
It occurred to me over the weekend that part of this confusion is
related to the fact that ia64 doesn't have page tables for the
kernel identity-mapped segments. (We're talking about reading
physical memory, but read/write_mem() actually convert the address
using __va() before doing the copy.)
I bet that ia32 does have page tables for this case, and that
an attempt to read non-existent physical memory will cause a TLB
miss from which copy_*_user() can easily recover.
On ia64, the same TLB miss would occur, but since there are no page
tables, the miss handler assumes the kernel knows what it is doing
and happily synthesizes a mapping that points nowhere.
Bjorn
next prev parent reply other threads:[~2003-10-20 15:17 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-10-17 22:10 [RFC] prevent "dd if=/dev/mem" crash Bjorn Helgaas
2003-10-17 22:19 ` Luck, Tony
2003-10-17 22:23 ` Matt Mackall
2003-10-17 22:40 ` Andreas Schwab
2003-10-17 22:50 ` Andrew Morton
2003-10-17 23:25 ` Bjorn Helgaas
2003-10-17 23:55 ` Andrew Morton
2003-10-18 0:15 ` William Lee Irwin III
2003-10-18 0:21 ` David Mosberger
2003-10-18 0:49 ` Andrew Morton
2003-10-18 1:31 ` Matt Chapman
2003-10-18 1:41 ` Andrew Morton
2003-10-18 1:48 ` David Mosberger
2003-10-18 2:01 ` Andrew Morton
2003-10-18 2:01 ` Matt Chapman
2003-10-19 11:25 ` Eric W. Biederman
2003-10-19 18:17 ` Pavel Machek
2003-10-19 19:01 ` William Lee Irwin III
2003-10-20 15:17 ` Bjorn Helgaas [this message]
2003-10-20 17:42 ` Bjorn Helgaas
2003-10-20 18:48 ` David Mosberger
2003-10-23 8:33 ` Martin Pool
2003-10-23 9:31 ` Zoltan Menyhart
2003-10-23 21:05 ` Bjorn Helgaas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-linux-ia64-106666338406789@msgid-missing \
--to=bjorn.helgaas@hp.com \
--cc=linux-ia64@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox