Re: [PATCH 2/2] x86: Allow disabling of sys_iopl, sys_ioperm

From: Alan Cox
Date: Thu Jul 14 2011 - 19:07:20 EST

Next message: Alan Cox: "Re: [PATCH 2/2] x86: Allow disabling of sys_iopl, sys_ioperm"
Previous message: Frederic Weisbecker: "Re: [PATCH 5/6] trace: Add tracepoints to call function interrupthandlers"
In reply to: H. Peter Anvin: "Re: [PATCH 2/2] x86: Allow disabling of sys_iopl, sys_ioperm"
Next in thread: Alan Cox: "Re: [PATCH 2/2] x86: Allow disabling of sys_iopl, sys_ioperm"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I'm suspecting that it might be cleaner to have kernel/ioaccess and
> kernel/ioaccess_lock as two booleans (0 or 1)...

I think firstly you need to decide what you are actually trying to stop
and the scope the problem out properly. Stopping iopl and ioperm without
thinking about the bigger picture is just going to produce nerf security.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: [PATCH 2/2] x86: Allow disabling of sys_iopl, sys_ioperm"
Previous message: Frederic Weisbecker: "Re: [PATCH 5/6] trace: Add tracepoints to call function interrupthandlers"
In reply to: H. Peter Anvin: "Re: [PATCH 2/2] x86: Allow disabling of sys_iopl, sys_ioperm"
Next in thread: Alan Cox: "Re: [PATCH 2/2] x86: Allow disabling of sys_iopl, sys_ioperm"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]