Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752030Ab1BFKab (ORCPT ); Sun, 6 Feb 2011 05:30:31 -0500 Received: from mail-in-09.arcor-online.net ([151.189.21.49]:39343 "EHLO mail-in-09.arcor-online.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751957Ab1BFKa2 (ORCPT ); Sun, 6 Feb 2011 05:30:28 -0500 X-DKIM: Sendmail DKIM Filter v2.8.2 mail-in-14.arcor-online.net 69F059C188 Message-Id: From: Bodo Eggert Subject: Re: [PATCH] NX protection for kernel data : fix 32 bits S3 suspend To: "H. Peter Anvin" , Ingo Molnar , castet.matthieu@free.fr, Linux Kernel list , linux-security-module@vger.kernel.org, Matthias Hopf , rjw@sisk.pl, Andrew Morton , Thomas Gleixner Reply-To: 7eggert@nurfuerspam.de Date: Sun, 06 Feb 2011 11:30:17 +0100 References: User-Agent: KNode/0.10.9 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8Bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1009 Lines: 20 H. Peter Anvin wrote: > In static_protections() we have: > >> /* >> * The BIOS area between 640k and 1Mb needs to be executable for >> * PCI BIOS based config access (CONFIG_PCI_GOBIOS) support. >> */ I don't think the CGA/MDA/VGA graphics memory areas should be executable, and I doubt execute access to these areas is required - is it? 0xA000:0000 might be a BIOS area, if it is, you don't have a VGA and the ROM will be exactly 64K. 0xB800 and 0xB000 SHOULD NOT be a ROM, nobody dared to use it (I don't remember exactly where ROMs are searched). -- Funny quotes: 34. If FedEx and UPS were to merge, would they call it Fed UP? Friß, Spammer: igc@vhFgi.7eggert.dyndns.org fdnJu@jQOez.7eggert.dyndns.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/