Received: by 2002:a25:f815:0:0:0:0:0 with SMTP id u21csp763585ybd;
        Wed, 26 Jun 2019 05:46:45 -0700 (PDT)
X-Google-Smtp-Source: APXvYqwuRcRBZfP5PonjZ8a8uvkg09iGkVHHSiWcPz6quKpV+iGanzcyMtSvPfgNXMc7vjZ6r7+/
X-Received: by 2002:a17:90a:b908:: with SMTP id p8mr4599797pjr.94.1561553205350;
        Wed, 26 Jun 2019 05:46:45 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1561553205; cv=none;
        d=google.com; s=arc-20160816;
        b=ZPlIC/ykTYMZFTZBVnlikBWfzp50CkTkskOS5RXNi0eHTYnU6UMnNLRzqqcWz8R9Pr
         CMdt11esmAkrMGe58/LP43pqqpTfcUjB3PtHnW4NjCaIoT3gHHCroUeC+UucPf5nQ2gO
         D9FAXCKYrQamVSu22TMHl7Q0zrnMUURTyTCjC0/moNZRiSJ1PDpHh6e8YZbFXWFGjIwJ
         rCdlIxxIceQLlZNsXawEuwkHDzuSrPfazjBjmiROC28Zu+wwr637elB+Sfb5HSwld1Mk
         TC6Sld9G0pLfeQIzCDRG5bWHQDD1tpDpqf0r9GKQ00JD/4djvjYGOmUykZ+HJlilG4MM
         7ZBg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:subject:cc:to:from:date;
        bh=x8VOqM1NoWPVleofac4YSgXDaWBMeLonTkyj/6EXbig=;
        b=wBTpavoFgHyOj52rTvtLeCdSX8jBGMXJijGVKd0bY7QMRW7xjbaX4UuQw/LrxS94kY
         fCLYOMnNVaXaYfoQyZ/IVKC7KbE9FpoQ8x6gARmMSgc5pdnDxD/psntJ2LiDSNDDjs3J
         F8fxYNd7qxJjdFkrOkK0DhwEGEUPBOGj78vBWIoSaJWaFXJ0GOBOvvFRxQ6T0N0S39zJ
         LkRUmr9eaQSzZebEdN5plD/xT1OwBR/hkHkO/MHHE7LIs+ZyfKQQpnVEOwx0Lk7xdDIV
         RoO2ouWpKB3KP0W9YEDdelQoIRCfXSjgrAgYkmOfWL03vVlczbeaUNo7Fn7KADObF9DT
         uRng==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id i18si16634196pfd.64.2019.06.26.05.46.28;
        Wed, 26 Jun 2019 05:46:45 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727412AbfFZMqW (ORCPT <rfc822;atom.tux.beastie@gmail.com>
        + 99 others); Wed, 26 Jun 2019 08:46:22 -0400
Received: from mail.kernel.org ([198.145.29.99]:41034 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726104AbfFZMqW (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 26 Jun 2019 08:46:22 -0400
Received: from gandalf.local.home (cpe-66-24-58-225.stny.res.rr.com [66.24.58.225])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 0E8C72147A;
        Wed, 26 Jun 2019 12:46:19 +0000 (UTC)
Date:   Wed, 26 Jun 2019 08:46:18 -0400
From:   Steven Rostedt <rostedt@goodmis.org>
To:     Matthew Garrett <matthewgarrett@google.com>
Cc:     jmorris@namei.org, linux-security@vger.kernel.org,
        linux-kernel@vger.kernel.org, linux-api@vger.kernel.org,
        David Howells <dhowells@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Matthew Garrett <mjg59@google.com>,
        Ingo Molnar <mingo@kernel.org>,
        "H. Peter Anvin" <hpa@zytor.com>, x86@kernel.org
Subject: Re: [PATCH V33 21/30] x86/mmiotrace: Lock down the testmmiotrace
 module
Message-ID: <20190626084618.49c6a311@gandalf.local.home>
In-Reply-To: <20190621011941.186255-22-matthewgarrett@google.com>
References: <20190621011941.186255-1-matthewgarrett@google.com>
        <20190621011941.186255-22-matthewgarrett@google.com>
X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, 20 Jun 2019 18:19:32 -0700
Matthew Garrett <matthewgarrett@google.com> wrote:

> From: David Howells <dhowells@redhat.com>
> 
> The testmmiotrace module shouldn't be permitted when the kernel is locked
> down as it can be used to arbitrarily read and write MMIO space. This is
> a runtime check rather than buildtime in order to allow configurations
> where the same kernel may be run in both locked down or permissive modes
> depending on local policy.
> 
> Suggested-by: Thomas Gleixner <tglx@linutronix.de>
> Signed-off-by: David Howells <dhowells@redhat.com
> Signed-off-by: Matthew Garrett <mjg59@google.com>
> cc: Thomas Gleixner <tglx@linutronix.de>

Acked-by: Steven Rostedt (VMware) <rostedt@goodmis.org>

-- Steve

> cc: Ingo Molnar <mingo@kernel.org>
> cc: "H. Peter Anvin" <hpa@zytor.com>
> cc: x86@kernel.org
> ---