From: Arnd Bergmann <arnd@arndb.de>
To: linux-arm-kernel@lists.infradead.org
Cc: Dan Williams <dan.j.williams@intel.com>,
linux-kernel@vger.kernel.org,
Russell King <linux@arm.linux.org.uk>,
Kees Cook <keescook@chromium.org>,
linux-nvdimm@ml01.01.org,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"H. Peter Anvin" <hpa@zytor.com>,
Heiko Carstens <heiko.carstens@de.ibm.com>,
Will Deacon <will.deacon@arm.com>, Ingo Molnar <mingo@redhat.com>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Martin Schwidefsky <schwidefsky@de.ibm.com>,
Thomas Gleixner <tglx@linutronix.de>,
Andrew Morton <akpm@linux-foundation.org>
Subject: Re: [RFC PATCH] restrict /dev/mem to idle io memory ranges
Date: Fri, 20 Nov 2015 21:00:29 +0100 [thread overview]
Message-ID: <4325714.tYNkapC69P@wuerfel> (raw)
In-Reply-To: <20151120173133.24259.97028.stgit@dwillia2-desk3.jf.intel.com>
On Friday 20 November 2015 09:31:33 Dan Williams wrote:
> This effectively promotes IORESOURCE_BUSY to IORESOURCE_EXCLUSIVE
> semantics by default. If userspace really believes it is safe to access
> the memory region it can also perform the extra step of disabling an
> active driver. This protects device address ranges with read side
> effects and otherwise directs userspace to use the driver.
>
> Persistent memory presents a large "mistake surface" to /dev/mem as now
> accidental writes can corrupt a filesystem.
>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Russell King <linux@arm.linux.org.uk>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Will Deacon <will.deacon@arm.com>
> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
> Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Cc: Ingo Molnar <mingo@redhat.com>
> Cc: "H. Peter Anvin" <hpa@zytor.com>
> Cc: Andrew Morton <akpm@linux-foundation.org>
> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Signed-off-by: Dan Williams <dan.j.williams@intel.com>
>
I like the idea.
Maybe split the change up into two patches, where the first one
just does the trivial move of the Kconfig option, and the second
one that changes behavior is small?
There is also a question of whether we actually need two options
or if we can safely make the existing option stricter.
Arnd
next prev parent reply other threads:[~2015-11-20 20:02 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-20 17:31 [RFC PATCH] restrict /dev/mem to idle io memory ranges Dan Williams
2015-11-20 20:00 ` Arnd Bergmann [this message]
2015-11-20 20:07 ` Kees Cook
2015-11-20 20:12 ` Russell King - ARM Linux
2015-11-20 20:26 ` Dan Williams
2015-11-20 20:45 ` Kees Cook
2015-11-23 9:38 ` Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4325714.tYNkapC69P@wuerfel \
--to=arnd@arndb.de \
--cc=akpm@linux-foundation.org \
--cc=benh@kernel.crashing.org \
--cc=catalin.marinas@arm.com \
--cc=dan.j.williams@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=heiko.carstens@de.ibm.com \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nvdimm@ml01.01.org \
--cc=linux@arm.linux.org.uk \
--cc=mingo@redhat.com \
--cc=schwidefsky@de.ibm.com \
--cc=tglx@linutronix.de \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).