From owner-freebsd-hackers  Sat Apr 13 15:33:21 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from ns.koganei.wide.ad.jp (koganei.wide.ad.jp [202.249.37.254])
	by hub.freebsd.org (Postfix) with ESMTP id C896B37B405
	for <hackers@FreeBSD.ORG>; Sat, 13 Apr 2002 15:33:14 -0700 (PDT)
Received: from koganei.wide.ad.jp (214.pool2.ftthtokyo.att.ne.jp [165.76.218.214])
	(authenticated (0 bits))
	by ns.koganei.wide.ad.jp (8.11.6/8.11.6) with ESMTP id g3DMYTD80984;
	Sun, 14 Apr 2002 07:34:29 +0900 (JST)
	(envelope-from ikob@koganei.wide.ad.jp)
Message-ID: <3CB8B228.70006@koganei.wide.ad.jp>
Date: Sun, 14 Apr 2002 07:33:12 +0900
From: Katsushi Kobayashi <ikob@koganei.wide.ad.jp>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.8) Gecko/20020204
X-Accept-Language: en-us
MIME-Version: 1.0
To: Mikko Tyolajarvi <mikko@dynas.se>
Cc: simokawa@sat.t.u-tokyo.ac.jp, hackers@FreeBSD.ORG
Subject: Re: FireWire for kernel hackers
References: <ybselhkx4r3.wl@ett.sat.t.u-tokyo.ac.jp> <200204131941.g3DJfAb18611@mikko.rsa.com>
Content-Type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

Mikko Tyolajarvi wrote:

>
>Umm... excuse a stupid question, but does this mean that a firewire
>port always gives unconditional access to the host's memory?  Great
>for kernel debugging.  Maybe not so great for a running system, from a
>security point a view (ok, physical access eventually equals full
>access, but plugging in a firewire cable is a heck of a lot faster
>than using a screwdriver...)
>

Basically, firewire provides a function all host memory mapped into the
unified memory space. Using this unified memory enables a connected
host access to other host without CPU process.
I believe access control function relys a chip implementatin.

The IEEE1394 OHCI specifies two ways for the access control:

1. Host can specify the nodes capable to access its physical memory.
2. Host can specify the memory area capable to be accessed from
other host.

I believe the two access control ways are not enough in today.
However, the currecnt firewire standard only provides limited phisical
connection environment. Limited cable length and limited number of node.
I think the unconditional access issues will occure at the limited situation
only.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message