From owner-freebsd-stable@FreeBSD.ORG Thu Sep 9 14:54:56 2010 Return-Path: Delivered-To: stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E1FA210656F6 for ; Thu, 9 Sep 2010 14:54:56 +0000 (UTC) (envelope-from pi@opsec.eu) Received: from home.opsec.eu (home.opsec.eu [IPv6:2001:14f8:200::1]) by mx1.freebsd.org (Postfix) with ESMTP id 919258FC26 for ; Thu, 9 Sep 2010 14:54:56 +0000 (UTC) Received: from pi by home.opsec.eu with local (Exim 4.72 (FreeBSD)) (envelope-from ) id 1OtiWf-000BLh-Ip; Thu, 09 Sep 2010 16:54:57 +0200 Date: Thu, 9 Sep 2010 16:54:57 +0200 From: Kurt Jaeger To: Gareth de Vaux Message-ID: <20100909145457.GH34314@home.opsec.eu> References: <20100908094050.GA73841@lordcow.org> <20100909125400.GA18723@lordcow.org> <20100909131340.GA75829@icarus.home.lan> <20100909132519.GB21535@lordcow.org> <20100909140224.GA76889@icarus.home.lan> <20100909142226.GA25370@lordcow.org> <20100909142455.GA77677@icarus.home.lan> <20100909142928.GA25877@lordcow.org> <20100909143357.GG34314@home.opsec.eu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20100909143357.GG34314@home.opsec.eu> Cc: stable@freebsd.org Subject: Re: MSIX failure X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Sep 2010 14:54:57 -0000 Hi! > > > Is this within a jail or something else along those lines? I can't > > > reproduce the problem otherwise. Frustrating! Someone else on the list > > > might have ideas as to what could cause this. > > > > Nope, this's a normal host. I've got securelevel on 1, but doubt that > > would affect this? > > I assume it affects it. > > http://www.freebsd.org/doc/en/books/faq/security.html#SECURELEVEL > > Basically, when the securelevel is positive, the kernel restricts > certain tasks; not even the superuser (i.e., root) is allowed to > do them. > > There: > > # Write to kernel memory via /dev/mem and /dev/kmem. > > So I assume it also restricts reading /dev/kmem ? -c asks for pci device capabilities, which are read in /usr/src/usr.sbin/pciconf/pciconf.c:177 with O_RDWR I guess that's it. -- pi@opsec.eu +49 171 3101372 10 years to go !