From owner-freebsd-current@FreeBSD.ORG Fri Jul 23 14:53:05 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 13D7916A4CE; Fri, 23 Jul 2004 14:53:05 +0000 (GMT) Received: from web.portaone.com (mail.russia.cz [195.70.151.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C99943D2D; Fri, 23 Jul 2004 14:53:04 +0000 (GMT) (envelope-from sobomax@portaone.com) Received: from [192.168.0.20] (portacare.portaone.com [195.140.247.242]) (authenticated bits=0) by web.portaone.com (8.12.8p2/8.12.8) with ESMTP id i6NEqmNC028658 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 23 Jul 2004 16:52:49 +0200 (CEST) (envelope-from sobomax@portaone.com) Message-ID: <41012639.3020102@portaone.com> Date: Fri, 23 Jul 2004 17:52:41 +0300 From: Maxim Sobolev Organization: Porta Software Ltd User-Agent: Mozilla Thunderbird 0.7.2 (Windows/20040707) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Doug Rabson References: <16634.47272.768935.436137@grasshopper.cs.duke.edu> <200407182039.10773.dfr@nlsystems.com> <16634.54674.966908.540880@grasshopper.cs.duke.edu> <200407182104.53221.dfr@nlsystems.com> <16638.32914.509773.486468@grasshopper.cs.duke.edu> <1090421941.7114.26.camel@builder02.qubesoft.com> In-Reply-To: <1090421941.7114.26.camel@builder02.qubesoft.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: simokawa@FreeBSD.ORG cc: freebsd-current@FreeBSD.ORG cc: Andrew Gallatin Subject: Re: Excellent job on the firewire support! X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jul 2004 14:53:05 -0000 Doug Rabson wrote: > On Wed, 2004-07-21 at 15:41, Andrew Gallatin wrote: > >>Doug Rabson writes: >> > Actually thats the only downside of dcons. It doesn't cut in until the >> > firewire controller attaches. It relies on the fact that the fwohci >> > driver allows access to physical memory from any node on the bus >> > (implemeted in hardware so you can examine the memory of a hung >> > machine). The dconschat program uses this feature to access the dcons >> > ring buffers in the target machine. >> >>Does remote access to physical memory require dcons to be loaded >>on the target? > > > No. The remote access to physical memory is a hardware-implemented > feature of the firewire ohci hardware. Its enabled in fwohci_attach(). > In the long term, I would like to restrict this a bit but right now all > you have to have is fwohci loaded on the target machine. It would be nice to have some sysctl which to disable such access, since it is BAD THING[tm] from the security POV. -Maxim