Date: Tue, 5 Aug 2008 14:03:24 +0400 From: Stanislav Sedov <stas@FreeBSD.org> To: Coleman Kane <cokane@FreeBSD.org> Cc: kib@freebsd.org, Poul-Henning Kamp <phk@phk.freebsd.dk>, Rui Paulo <rpaulo@FreeBSD.org>, current@freebsd.org, Peter Jeremy <peterjeremy@optushome.com.au> Subject: Re: cpuctl(formely devcpu) patch test request Message-ID: <20080805140324.9f53ba9b.stas@FreeBSD.org> In-Reply-To: <1213641761.2184.0.camel@localhost> References: <20080606020927.8d6675e1.stas@FreeBSD.org> <10261.1212703949@critter.freebsd.dk> <20080606025533.8322ee08.stas@FreeBSD.org> <1212758604.1904.33.camel@localhost> <20080615230250.7f3efae4.stas@FreeBSD.org> <1213557999.1816.15.camel@localhost> <20080616204433.48ad9879.stas@FreeBSD.org> <e1309ba60806161110x5f774fcdic2f5c7b2e7bcb83e@mail.gmail.com> <20080616222740.5cdd9490.stas@FreeBSD.org> <1213641761.2184.0.camel@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
--Signature=_Tue__5_Aug_2008_14_03_24_+0400_Fo2AJIKU7ZoFBGeO Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, 16 Jun 2008 14:42:41 -0400 Coleman Kane <cokane@FreeBSD.org> mentioned: >=20 > Is it potentially "unsafe" to use RDMSR? > Well, it might disclose some sensitive information, as well as create covert channels. E.g. some of the registers contains kernel thread pointers, etc; some of them undocumented. It won't be very wise to give access to the rdmsr feature to all users on a multi-user machine. Sorry for this taking so long. You messages spotted a bug in my security model for this driver, so I've redone that. Now, the access to the rdmsr and cpuid features will be granted only if the caller has read permissions on the device, and wrmsr/update - only if he've opened the device for writing. This way you can provide fine-grained control to the driver features. I've also added the cpucontrol utility which provided userland accesss to the driver, and allows to apply microcode updates. The latest patch against HEAD is available here: ftp://ftp.SpringDaemons.com/dustheap/cpuctl.4.diff Thanks! --=20 Stanislav Sedov ST4096-RIPE --Signature=_Tue__5_Aug_2008_14_03_24_+0400_Fo2AJIKU7ZoFBGeO Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkiYJXYACgkQK/VZk+smlYHrqgCfQ9yu6ZlfOUbMUQLg0SM3uO5x mrgAn00GQ0LUnoVYtymrX+gme5pAB8mo =RzxB -----END PGP SIGNATURE----- --Signature=_Tue__5_Aug_2008_14_03_24_+0400_Fo2AJIKU7ZoFBGeO--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080805140324.9f53ba9b.stas>