Re: Direct access to hardware

Dan Hollis (goemon@sasami.anime.net)
Fri, 21 Jul 2000 15:49:32 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Oliver Xymoron: "RE: Cache coherency... and locking"
Previous message: Chris Wedgwood: "Re: Do ramdisk exec's map direct to buffer cache?"

On Sat, 22 Jul 2000, Ville Herva wrote:
> So, would it be feasible to make it possible to disable direct hardware
> access (/dev/mem, /dev/nvram, HD ioctls, what else?) completely in kernel
> config?

I would certainly feel better if this were possible, in which case Andre's
patch would be more reasonable.

If you can't bit-bang hardware directly, and kernel API is the only access
to devices, then it's easier to secure.

As long as raw hardware access is possible, no amount of kernel API
parameter checking will protect you from malicious programs. (I think,
this is a point the GGI guys try to make)

What userspace programs still require direct raw access to hardware? Only
X servers?

-Dan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Oliver Xymoron: "RE: Cache coherency... and locking"
Previous message: Chris Wedgwood: "Re: Do ramdisk exec's map direct to buffer cache?"