[PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses

[PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Petr Tesarik <hidden> · 2011-06-17
[PATCH 07/10] arm: change valid_phys_addr_range's @addr param to phys_addr_t · Petr Tesarik <hidden> · 2011-06-17
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ingo Molnar <hidden> · 2011-06-17
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Russell King - ARM Linux <hidden> · 2011-06-17
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Petr Tesarik <hidden> · 2011-06-17
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Américo Wang <hidden> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Petr Tesarik <hidden> · 2011-06-27
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ryan Mallon <hidden> · 2011-06-19
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · "H. Peter Anvin" <hpa@zytor.com> · 2011-06-19
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ingo Molnar <hidden> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · "H. Peter Anvin" <hpa@zytor.com> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ingo Molnar <hidden> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · "H. Peter Anvin" <hpa@zytor.com> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Srivatsa Vaddagiri <hidden> · 2011-06-21
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Matthew Wilcox <hidden> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ryan Mallon <hidden> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Matthew Wilcox <hidden> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ryan Mallon <hidden> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ingo Molnar <hidden> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ryan Mallon <hidden> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ray Lee <hidden> · 2011-06-20
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Petr Tesarik <hidden> · 2011-06-29
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ingo Molnar <hidden> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Petr Tesarik <hidden> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Christoph Hellwig <hch@infradead.org> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ingo Molnar <hidden> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Christoph Hellwig <hch@infradead.org> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ingo Molnar <hidden> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Petr Tesarik <hidden> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ingo Molnar <hidden> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · "H. Peter Anvin" <hpa@zytor.com> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ingo Molnar <hidden> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Petr Tesarik <hidden> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ingo Molnar <hidden> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Petr Tesarik <hidden> · 2011-07-01
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Ingo Molnar <hidden> · 2011-07-03
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · Matthew Garrett <hidden> · 2011-07-05
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · "H. Peter Anvin" <hpa@zytor.com> · 2011-07-05
Re: [PATCH 00/10] Enhance /dev/mem to allow read/write of arbitrary physical addresses · "H. Peter Anvin" <hpa@zytor.com> · 2011-07-05

From: Petr Tesarik <hidden>
Date: 2011-07-01 19:34:52
Also in: linux-sh, lkml

Dne P? 1. ?ervence 2011 18:13:45 Ingo Molnar napsal(a):

* H. Peter Anvin [off-list ref] wrote:

quoted

On 07/01/2011 08:36 AM, Ingo Molnar wrote:

quoted

So we could kill multiple birds with the same stone here:
 - remove various ugly uses of /dev/mem (including the rootkit usage),
 
   with or without strict-devmem
 
 - extending it to above-4G for inspection purposes
 
 - allowing to kill /dev/mem access runtime similar to the
 
   disable_modules lock-down killswitch, for the so inclined.

Would you be interested in modifying your patch-set in such a
fashion?

Yes, this works for me. How persistent should the kill-switch be? I assume it 
doesn't make much sense to make a sysfs toggle, because then it would still be 
open to abuse. I'd rather see it specified on boot and never changed. Agreed?

Something like "enable_dev_mem" on the kenrel command line (default is 
disabled).

On a similar note, I should probably rip off write_mem() completely and 
disallow PROT_WRITE mmapping of the device. Right?

quoted

There is another use that I have looked at, as well: for testing
purposes, it would be extremely good to be able to dirty and/or
flush an arbitrary physical cache line for testing purposes.

This is very very similar to /dev/mem usage -- access to an
arbitrary chunk of memory -- and a fully enabled /dev/mem can of
course support this use (just mmap the page with the relevant cache
line).  However, it could also be a separate device which could
have looser permissions than /dev/mem; or a set of ioctls on
/dev/mem with a separate kill switch, because no data would ever be
have modified or returned to user space.

Either way, though, we found that it would share a lot of code with
the /dev/mem implementation, and as such fixing up the underlying
machinery is the sanest way to upstream this.

To me that cache flush thing sounds obscure (but still useful) enough
to justify a new ioctl over /dev/mem.

Not sure it even needs a killswitch, unless there's some real
security problem related to it.

It can be used for DoS, but if you have permission for the ioctl(), then you 
probably also have easier ways to kill the system.

Petr

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help