Re: [PATCH 01/12] Add BSD-style securelevel support

On Mon, 2013-09-09 at 09:27 -0700, H. Peter Anvin wrote:
> On 09/09/2013 08:49 AM, Matthew Garrett wrote:

> > +1:  Secure mode. If set, userspace will be unable to perform direct access
> > +    to PCI devices, port IO access, access system memory directly via
> > +    /dev/mem and /dev/kmem, perform kexec_load(), use the userspace
> > +    software suspend mechanism, insert new ACPI code at runtime via the
> > +    custom_method interface or modify CPU MSRs (on x86). Certain drivers
> > +    may also limit additional interfaces.
> > +
> 
> This will break or have to be redefined once you have signed kexec.

So, thinking about this, how about defining it as:

1:  Secure mode. If set, userspace will be prevented from performing any
operation that would permit the insertion of untrusted code into the
running kernel. At present this includes direct access to PCI devices,
port IO access, direct system memory access via /dev/mem and /dev/kmem,
kexec_load(), the userspace software suspend mechanism, insertion of new
ACPI code at runtime via the custom_method interface or modification of
CPU MSRs (on x86). Certain drivers may also limit additional interfaces.

-- 
Matthew Garrett <matthew.garrett@xxxxxxxxxx>