Message-ID: <51444171.1080905@ladisch.de>
Date: Sat, 16 Mar 2013 10:54:57 +0100
From: Clemens Ladisch <clemens@ladisch.de>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110323 Thunderbird/3.1.9
MIME-Version: 1.0
To: Prarit Bhargava <prarit@redhat.com>
CC: linux-kernel@vger.kernel.org
Subject: Re: [PATCH] hpet, allow user controlled mmap for user processes
References: <1363377610-19196-1-git-send-email-prarit@redhat.com>
In-Reply-To: <1363377610-19196-1-git-send-email-prarit@redhat.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1031
Lines: 26

Prarit Bhargava wrote:
> The CONFIG_HPET_MMAP Kconfig option exposes the memory map of the HPET
> registers to userspace.  The Kconfig help points out that in some cases this
> can be a security risk as some systems may erroneously configure the map such
> that additional data is exposed to userspace.

I'm not aware of any such system (but cannot rule out the possibility).

> In an effort to mitigate this risk, and due to the low number of users
> of the MMAP functionality I've introduced a kernel parameter,
> hpet_mmap_enable, that is required in order to actually have the HPET
> MMAP exposed.

This introduces a regression for all users.  At least make the default
state (allowed/forbidden) configurable.

Also, this patch makes the Kconfig help text a lie.


Regards,
Clemens
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/