From: Alan Cox <alan@lxorguk.ukuu.org.uk>
To: Davide Libenzi <davidel@xmailserver.org>
Cc: Linus Torvalds <torvalds@osdl.org>, Andi Kleen <ak@suse.de>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Andrew Morton <akpm@osdl.org>
Subject: Re: [patch] lazy TSS's I/O bitmap copy ...
Date: Sat, 28 Aug 2004 20:15:35 +0100 [thread overview]
Message-ID: <1093353962.2810.20.camel@localhost.localdomain> (raw)
In-Reply-To: <Pine.LNX.4.58.0408231516460.3222@bigblue.dev.mdolabs.com>
On Llu, 2004-08-23 at 23:18, Davide Libenzi wrote:
> > > The check for the I/O opcode can certainly be
> > > done though, even if it'd make the code a little bit more complex.
> >
> > Have to be very careful there to avoid nasty security issues. And with
> > ins/outs, you can have various prefixes etc, so decoding is not as trivial
> > as it could otherwise be. Even the regular in/out can have a data size
> > overrides..
And an attacker can be changing the mappings in another thread at the
same time. Now you see it, now you don't. This gets quite fun with
writing fixups to user space code but isnt a big deal for reads.
> > In short, I think that if we do this at all, I'd much rather just do the
> > simple "trap twice" thing that Davide did. It's too easy to get it wrong
> > otherwise.
>
> IMHO since the GPF path is not a fast path like a page fault, we shouldn't
> be in bad shape with the current approach. No?
Even the X server doesn't generally make heavy use of I/O port access on
any vaguely modern hardware. The BIOS might but its already doing some
of its own vm86 fixups for this.
next prev parent reply other threads:[~2004-08-28 20:37 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-08-23 21:23 [patch] lazy TSS's I/O bitmap copy Davide Libenzi
2004-08-23 21:32 ` Andi Kleen
2004-08-23 21:39 ` Davide Libenzi
2004-08-23 22:07 ` Linus Torvalds
2004-08-23 22:18 ` Davide Libenzi
2004-08-23 22:27 ` Linus Torvalds
2004-08-28 19:15 ` Alan Cox [this message]
2004-08-23 22:54 ` Davide Libenzi
2004-08-23 23:09 ` Linus Torvalds
2004-08-23 23:33 ` Davide Libenzi
2004-08-24 7:19 ` [patch] ioport-cache-2.6.8.1.patch Ingo Molnar
2004-08-24 15:15 ` Davide Libenzi
2004-08-24 19:38 ` Ryan Cumming
2004-08-24 20:20 ` Ingo Molnar
2004-08-24 1:53 ` [patch] lazy TSS's I/O bitmap copy Brian Gerst
2004-08-24 2:17 ` Linus Torvalds
2004-08-24 4:30 ` Davide Libenzi
2004-08-24 6:51 ` Arjan van de Ven
2004-08-24 15:13 ` Davide Libenzi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1093353962.2810.20.camel@localhost.localdomain \
--to=alan@lxorguk.ukuu.org.uk \
--cc=ak@suse.de \
--cc=akpm@osdl.org \
--cc=davidel@xmailserver.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox