Drivers, Hardware, and their relationship to Bagels.

From: Myrddin Ambrosius (imipak@yahoo.com)
Date: Tue Jun 18 2002 - 10:06:28 EST


Hi all,

With the discussion on kernel crypto a while back,
there was one very important recurring element that I
would like someone to clarify for me.

The issue is this. My understanding is that -all-
hardware access should be through the kernel, partly
so that similar hardware can have a similar API, but
also so that kernel security code (eg: capabilities)
applies to ALL hardware and ALL lower-level
operations.

However, there were a number of mentions of userland
hardware drivers, which did NOT operate through the
kernel. (This was in reference to why it wouldn't be
necessary to have a kernel-level driver for the
Motorola M190 crypto chip.)

If you can blithely ignore restrictions placed by the
kernel on some piece of hardware, and access it
directly, then surely this would apply to any
hardware. Including disk drives, RAM, etc.

I could be wrong (and I hope, very much, that I am),
but if my understanding is correct, then that's a hole
you could drive a truck through, and have room to
spare.

This isn't intended as a critisism of anyone, or of
any decisions made regarding the way the kernel
operates. (I know my phrasing leaves a lot to be
desired. Sometimes I think my best chance of a long
life would be to take a vow of silence and become a
monk.)

I'd really appreciate it if someone could clarify this
for me, especially the security aspect of non-kernel
drivers.

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

(Tune of "Running Free", by Iron Maiden)

Kernel bug, core runs wild,
Space/time twists and gets compiled.
Wormholes open and bring to me,
Linux Kernel Version 3!

I'm running 3, yeah, I'm running 3!
I'm running 3, yeah, I'm running 3!

Got support for Tbyte RAM,
The newest arch is leg of lamb.
Max cpus, one thousand now,
Neg latency gives quite a pow.

Men in Black zap my brains,
Melt the hard-disk, and what remains.
There's nothing left for you to see
That my machine was running 3!

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sun Jun 23 2002 - 22:00:16 EST