From owner-freebsd-hackers Sun Dec 31 01:27:21 1995 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id BAA14672 for hackers-outgoing; Sun, 31 Dec 1995 01:27:21 -0800 (PST) Received: from irz301.inf.tu-dresden.de (irz301.inf.tu-dresden.de [141.76.1.11]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id BAA14651 for ; Sun, 31 Dec 1995 01:27:15 -0800 (PST) Received: from sax.sax.de by irz301.inf.tu-dresden.de (8.6.12/8.6.12-s1) with ESMTP id KAA07858 for ; Sun, 31 Dec 1995 10:27:07 +0100 Received: by sax.sax.de (8.6.11/8.6.12-s1) with UUCP id KAA12624 for freebsd-hackers@freebsd.org; Sun, 31 Dec 1995 10:27:07 +0100 Received: (from j@localhost) by uriah.heep.sax.de (8.7.3/8.6.9) id JAA16189 for freebsd-hackers@freebsd.org; Sun, 31 Dec 1995 09:41:42 +0100 (MET) From: J Wunsch Message-Id: <199512310841.JAA16189@uriah.heep.sax.de> Subject: Re: /dev/io To: freebsd-hackers@freebsd.org (FreeBSD hackers) Date: Sun, 31 Dec 1995 09:41:41 +0100 (MET) Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) In-Reply-To: <199512310425.PAA16666@rf900.physics.usyd.edu.au> from "David Dawes" at Dec 31, 95 03:25:46 pm X-Phone: +49-351-2012 669 X-Mailer: ELM [version 2.4 PL23] MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-hackers@freebsd.org Precedence: bulk As David Dawes wrote: > > >I wasn't even aware that this existed, but looking at the Xserver source > >it seems like BSDI, Linux, FreeBSD, and NetBSD all have it (but only > >Free/NetBSD use it for Xserver IO permission). I don't think that this would be more secure than our scheme anyway. So although it seems to be more `standard', there's nothing we would gain from another scenario. Given that it doesn't have any technical merit at all, i wonder why NetBSD even adopted it. Security considerations: Our KDENABIO is restricted to a process with effective UID 0. Our /dev/io is a security hole in that it allows group kmem processes to access the registers (and i haven't seen any reason why this might be necessary or useful). I think SysV allows any process to get access to IO registers via the IO perm bitmap. :-( (I don't know about Linux.) > The KDENABIO ioctl originates in SYSV, although in SYSV it is used > to enable ports set in an IO permission bitmap. Most X servers need > ports beyond the 0-0x3ff usually covered by such a bitmap. Also there > is a performance penalty in using the bitmap. In particular, it would require us to use CPU task switching. I believe FreeBSD's context switching behaviour has been fine-tuned to be better without separate task state segments per process. > I don't know what the XInside server does to enable I/O permission. I assume they also use the kbd driver. This interface has been established long before anything in the line of /dev/io or other calls, it even existed in the early pccons driver (though there used to be a central call for all actions required for the X server startup). -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)