Thank you both for the comments. Sounds like a better solution is to allow accesses to only I/O regions presented in the EFI memory map for physical addresses below 1 MB. Do we need to worry about the X checksum in the first MB on an EFI system? Thanks, Mak. On 10/02/2012 11:15 PM, Matthew Garrett wrote: > On Tue, Oct 02, 2012 at 09:44:16PM -0700, H. Peter Anvin wrote: > >> We *always* expose the I/O regions to /dev/mem. That is what /dev/mem >> *does*. The above is an exception (which is really obsolete, too: we >> should simply disallow access to anything which is treated as system >> RAM, which doesn't include the BIOS regions in question; the only reason >> we don't is that some versions of X take a checksum of the RAM in the >> first megabyte as some kind of idiotic random seed.) > > Oh, right, got you. In that case I think we potentially need a > finer-grained check on EFI platforms - the EFI memory map is kind enough > to tell us the difference between unusable regions and io regions, and > we could avoid access to the unusable ones. > -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>