Re: Direct access to hardware

From: Dan Hollis (goemon@sasami.anime.net)
Date: Fri Jul 21 2000 - 17:49:32 EST


On Sat, 22 Jul 2000, Ville Herva wrote:
> So, would it be feasible to make it possible to disable direct hardware
> access (/dev/mem, /dev/nvram, HD ioctls, what else?) completely in kernel
> config?

I would certainly feel better if this were possible, in which case Andre's
patch would be more reasonable.

If you can't bit-bang hardware directly, and the kernel API is the only access
to devices, then it's easier to secure.

As long as raw hardware access is possible, no amount of kernel API
parameter checking will protect you from malicious programs. (I think
this is a point the GGI guys try to make.)

What userspace programs still require direct raw access to hardware? Only
X servers?

-Dan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
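
The message asks which userspace programs still need direct raw access to hardware. One way to answer that on a running Linux system is to list the processes that hold the raw device nodes open. This is an added example, not part of the original message or thread; /dev/kmem and /dev/port are added here as assumptions beyond the nodes named above, and the sample process tree is constructed.

```python
import os

# /dev/mem and /dev/nvram are named in the thread; /dev/kmem and /dev/port
# are assumptions added here as further raw-access nodes.
RAW_NODES = ("/dev/mem", "/dev/kmem", "/dev/port", "/dev/nvram")

def read_comm(proc_root, pid):
    """Return the process name from <proc_root>/<pid>/comm, or '?' if unreadable."""
    try:
        with open(os.path.join(proc_root, pid, "comm")) as f:
            return f.read().strip()
    except OSError:
        return "?"

def find_raw_hw_users(proc_root="/proc", nodes=RAW_NODES):
    """Return sorted (pid, command, node) for each process holding a raw node open."""
    hits = set()
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        fd_dir = os.path.join(proc_root, entry, "fd")
        try:
            fds = os.listdir(fd_dir)
        except OSError:  # process exited, or we lack permission to look
            continue
        for fd in fds:
            try:
                target = os.readlink(os.path.join(fd_dir, fd))
            except OSError:
                continue
            if target in nodes:
                hits.add((int(entry), read_comm(proc_root, entry), target))
    return sorted(hits)

def build_sample_proc(root):
    """Constructed sample tree standing in for /proc, so the scan runs offline."""
    sample = {"101": ("X", ["/dev/mem", "/dev/tty7"]),
              "202": ("sshd", ["/dev/null", "socket:[1234]"]),
              "303": ("nvram-tool", ["/dev/nvram"])}  # hypothetical program name
    for pid, (comm, targets) in sample.items():
        os.makedirs(os.path.join(root, pid, "fd"))
        with open(os.path.join(root, pid, "comm"), "w") as f:
            f.write(comm + "\n")
        for i, target in enumerate(targets):
            os.symlink(target, os.path.join(root, pid, "fd", str(i)))

if __name__ == "__main__":
    for pid, comm, node in find_raw_hw_users():  # run as root to see all processes
        print(f"{pid}\t{comm}\t{node}")
```

A process that does port I/O through iopl()/ioperm(), or that maps the device and then closes the descriptor, does not show up in this scan.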


