Re: A question about PROT_NONE on ARM and ARM26

From: Russell King
Date: Wed Jun 30 2004 - 14:27:02 EST

Next message: George Marshall: "thermal_zone infos"
Previous message: Mirza Borogovac: "Problem with network card natsemi in woody instalation"
In reply to: Jamie Lokier: "Re: A question about PROT_NONE on ARM and ARM26"
Next in thread: Jamie Lokier: "Re: A question about PROT_NONE on ARM and ARM26"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jun 30, 2004 at 08:14:28PM +0100, Jamie Lokier wrote:
> Russell King wrote:
> > We use three domains - one for user, one for kernel and one for IO.
> > Normally all three are in client mode. However, on set_fs(KERNEL_DS)
> > we switch the kernel domain to manager mode.
> >
> > This means that the user-mode LDR instructions (ldrt / ldrlst etc)
> > will not have their page permissions checked, and therefore the access
> > will succeed - exactly as we require.
>
> Protection permissions (i.e. read-only, PROT_NONE) should still be
> checked after set_fs(KERNEL_DS). It's only the kernel page vs. user
> page distinction that should be relaxed.
>
> >From your description, it's not obvious that it'll do the right thing
> in that circumstance.

Trust me, it does. Unless you fully understand how the MMU and domains
work on ARM, you've little chance of working it out from the code.

Really, I see its pointless trying to discuss the details of this any
further - I presently have very little time to educate people in the
details, sorry.

> Because set_fs() is rarely used, I think you can optimise getuser.S
> and putuser.S on ARM26. Instead of comparing the address against
> TI_ADDR_LIMIT, compare it against the hard-coded userspace limit.

Wrong. That means that if userspace passes an address above the hard
coded limit, we _WILL_ bypass all protections and access that memory.

However, ARM26 is not under my control anymore, so it isn't something
I care about, and I doubt there are many people who do. We're talking
about a 20 year old architecture which hasn't had any conforming devices
produced for at least 10 years.

--
Russell King
Linux kernel 2.6 ARM Linux - http://www.arm.linux.org.uk/
maintainer of: 2.6 PCMCIA - http://pcmcia.arm.linux.org.uk/
2.6 Serial core
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: George Marshall: "thermal_zone infos"
Previous message: Mirza Borogovac: "Problem with network card natsemi in woody instalation"
In reply to: Jamie Lokier: "Re: A question about PROT_NONE on ARM and ARM26"
Next in thread: Jamie Lokier: "Re: A question about PROT_NONE on ARM and ARM26"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]