From: Arjan van de Ven <arjan@infradead.org>
To: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Maxim Levitsky <maximlevitsky@gmail.com>, linux-kernel@vger.kernel.org
Subject: Re: RFC: banning device driver reserved resources from /dev/mem
Date: Mon, 6 Oct 2008 07:24:37 -0700 [thread overview]
Message-ID: <20081006072437.5d1360dd@infradead.org> (raw)
In-Reply-To: <20081006151411.05ed5f50@lxorguk.ukuu.org.uk>
On Mon, 6 Oct 2008 15:14:11 +0100
Alan Cox <alan@lxorguk.ukuu.org.uk> wrote:
> > no argument, except that the kernel doesn't do request_region() on
> > it to expect exclusivity (so the patch doesn't do anything on this
> > region)
>
> Its on the TODO list for the vt fixes
>
> > Now having said that, if the DRM layer does request_region on the
> > MMIO bars, we might need a flag that explicitly says "this is
> > intended for sharing with userspace" for this known case; not too
> > hard, I'll check with Dave Airlie.
>
> DRM isn't the problem. In the DRM case the DRM can provide the
> mappings and manage them. In the non DRM case its messier but for the
> moment probably happens by luck to be ok
I'll add a "share resource with userland" option to allow us to make
this desire explicit for the cases we want this (and can tolerate
concurrent accesses)
>
> I still think your restrictive /dev/mem model is wrong. I think it
> comes about because your /dev/mem restrictions are for multiple
> conflicting purposes.
for me it is a goal to have /dev/mem do as little as possible while
allowing the "normal" uses. This is to help SELinux to have sane policy
rather than "X still has perms to own the whole box" etc.
>
> The root of that is the 'vaguely annoy root kit writers for 5 minutes'
> reasoning which erroneously leads to trying to a compile time option,
> combined some would argue with a 'screw people hacking hardware in
> userspace who should provide drivers' view.
this patch absolutely has nothing to do with rootkits; really.
it came out of chasing e1000e with the "eh who maps our e1000e bar from
userspace" scare. Followed by thinking "if the driver requests
exclusivity the kernel should try to grant that".
--
Arjan van de Ven Intel Open Source Technology Centre
For development, discussion and tips for power savings,
visit http://www.lesswatts.org
next prev parent reply other threads:[~2008-10-06 14:24 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-10-06 1:01 RFC: banning device driver reserved resources from /dev/mem Arjan van de Ven
2008-10-06 5:23 ` Ingo Molnar
2008-10-06 5:26 ` Arjan van de Ven
2008-10-06 9:27 ` Alan Cox
2008-10-06 13:40 ` Maxim Levitsky
2008-10-06 13:48 ` Alan Cox
2008-10-06 13:52 ` Arjan van de Ven
2008-10-06 14:01 ` Alan Cox
2008-10-06 14:05 ` Arjan van de Ven
2008-10-06 14:14 ` Alan Cox
2008-10-06 14:24 ` Arjan van de Ven [this message]
2008-10-06 14:38 ` Alan Cox
2008-10-06 14:57 ` Arjan van de Ven
2008-10-06 15:29 ` Alan Cox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20081006072437.5d1360dd@infradead.org \
--to=arjan@infradead.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=linux-kernel@vger.kernel.org \
--cc=maximlevitsky@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox