Re: Warn users about machines with non-working WP bit

Brian Gerst (bgerst@didntduck.org)
Wed, 03 Apr 2002 17:24:51 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Pavel Machek: "Re: Warn users about machines with non-working WP bit"
Previous message: Rik van Riel: "Re: [PATCH 2.5.5] do export vmalloc_to_page to modules..."
Maybe in reply to: Pavel Machek: "Warn users about machines with non-working WP bit"

Pavel Machek wrote:
>
> Hi!
>
> This might be good idea, as those machines are not safe for multiuser
> systems.
>
> --- clean.2.5/arch/i386/mm/init.c Sun Mar 10 20:06:31 2002
> +++ linux/arch/i386/mm/init.c Mon Mar 11 21:49:14 2002
> @@ -383,7 +383,7 @@
> local_flush_tlb();
>
> if (!boot_cpu_data.wp_works_ok) {
> - printk("No.\n");
> + printk("No (that's security hole).\n");
> #ifdef CONFIG_X86_WP_WORKS_OK
> panic("This kernel doesn't support CPU's with broken WP. Recompile it for a 386!");
> #endif
>
> Pavel

The "bug" is really the lack of a feature present on 486+ cpus. A 386
will allow the kernel to write to a write-protected user page (but not a
write-protected kernel page). In user mode, write protect works as it
should. The kernel works around this by doing extra checks when writing
to user pages (check the *_user() functions). It is not a security
hole, because if the kernel wasn't compiled with the workaround, it
refuses to boot on those cpus.

Brian Gerst - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Pavel Machek: "Re: Warn users about machines with non-working WP bit"
Previous message: Rik van Riel: "Re: [PATCH 2.5.5] do export vmalloc_to_page to modules..."
Maybe in reply to: Pavel Machek: "Warn users about machines with non-working WP bit"