Re: Direct access to hardware

From: Horst von Brand (vonbrand@sleipnir.valparaiso.cl)
Date: Sun Jul 23 2000 - 21:50:30 EST


James Sutherland <jas88@cam.ac.uk> said:

[....]

> It shouldn't allow these blocks of unvalidated data through at all, then -
> that's too dangerous. If the kernel doesn't know what's going on, HTF is
> it supposed to enforce any kind of security or other system policy??

Yep. It should also carefully check that those damn ELF thingies being
thrown at the CPU better contain valid code!

[...]

> It's not filtering; IDE commands shouldn't originate in userland to begin
> with. Userland apps should make a request to the kernel for a specific
> kernel facility; the kernel then implements this by sending IDE commands
> as needed.

Great. "sys_issue_firmware_update_for_WD_disks_made_between_1995_and_1997"
et al. Sure, could be done. But why? One, or perhaps two of these couple
dozen functions will be called a handfull of times over the entire life of
the machine.

-- 
Horst von Brand                             vonbrand@sleipnir.valparaiso.cl
Casilla 9G, Vin~a del Mar, Chile                               +56 32 672616

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Mon Jul 31 2000 - 21:00:18 EST