Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1750761AbWEWBLv (ORCPT ); Mon, 22 May 2006 21:11:51 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1750726AbWEWBLu (ORCPT ); Mon, 22 May 2006 21:11:50 -0400 Received: from THUNK.ORG ([69.25.196.29]:55784 "EHLO thunker.thunk.org") by vger.kernel.org with ESMTP id S1750761AbWEWBLu (ORCPT ); Mon, 22 May 2006 21:11:50 -0400 Date: Mon, 22 May 2006 21:11:23 -0400 From: Theodore Tso To: Arjan van de Ven Cc: akpm@osdl.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] Add user taint flag Message-ID: <20060523011123.GA32164@thunk.org> Mail-Followup-To: Theodore Tso , Arjan van de Ven , akpm@osdl.org, linux-kernel@vger.kernel.org References: <1148307276.3902.71.camel@laptopd505.fenrus.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1148307276.3902.71.camel@laptopd505.fenrus.org> User-Agent: Mutt/1.5.11 X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: tytso@thunk.org X-SA-Exim-Scanned: No (on thunker.thunk.org); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1781 Lines: 34 On Mon, May 22, 2006 at 04:14:36PM +0200, Arjan van de Ven wrote: > On Sun, 2006-05-21 at 19:04 -0400, Theodore Ts'o wrote: > > Allow taint flags to be set from userspace by writing to > > /proc/sys/kernel/tainted, and add a new taint flag, TAINT_USER, to be > > used when userspace is potentially doing something naughty that might > > compromise the kernel. > > we should then patch the /dev/mem driver or something to set this :) > (well and possibly give it an exception for now for PCI space until the > X people fix their stuff to use the proper sysfs stuff) It may make sense to have an explicit taint flag which means direct access to memory, via /dev/mem or otherwise, with exceptions for I/O mapped memory not claimed by a device driver (and of course X until it is fixed, or never, whichever comes first). As I've mentioned, the original reason why I did this was because I needed to mmap physical memory, which at the time when I originally did things, /dev/mem didn't support except for the I/O mapped memory range, and I assumed that any attempt to enhance /dev/mem's mmap() capabilities in a patch intended for mainline wouldn't be looked at as a friendly act. In fact, I was so unhappy about being forced by the RTSJ specification to do this insane thing that I wanted to make sure that if it were ever used, it would set a TAINT flag to warn people that just about anything unsane could have happened, and the system's stability was at the mercy of the competence of Java application programmers. :-) - Ted - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/