From owner-freebsd-current@FreeBSD.ORG Fri Jul 23 18:27:01 2004
Return-Path:
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A7D0E16A4CE; Fri, 23 Jul 2004 18:27:01 +0000 (GMT)
Received: from web.portaone.com (web.portaone.com [195.70.151.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0535F43D39; Fri, 23 Jul 2004 18:27:01 +0000 (GMT) (envelope-from sobomax@portaone.com)
Received: from [192.168.0.20] (portacare.portaone.com [195.140.247.242]) (authenticated bits=0) by web.portaone.com (8.12.8p2/8.12.8) with ESMTP id i6NIQrNC041654 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 23 Jul 2004 20:26:55 +0200 (CEST) (envelope-from sobomax@portaone.com)
Message-ID: <41015865.7010807@portaone.com>
Date: Fri, 23 Jul 2004 21:26:45 +0300
From: Maxim Sobolev
Organization: Porta Software Ltd
User-Agent: Mozilla Thunderbird 0.7.2 (Windows/20040707)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Brooks Davis, phk@freebsd.org
References: <16634.47272.768935.436137@grasshopper.cs.duke.edu> <200407182039.10773.dfr@nlsystems.com> <16634.54674.966908.540880@grasshopper.cs.duke.edu> <200407182104.53221.dfr@nlsystems.com> <16638.32914.509773.486468@grasshopper.cs.duke.edu> <1090421941.7114.26.camel@builder02.qubesoft.com> <41012639.3020102@portaone.com> <20040723164809.GA12747@Odin.AC.HMC.Edu>
In-Reply-To: <20040723164809.GA12747@Odin.AC.HMC.Edu>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: simokawa@freebsd.org
cc: freebsd-current@freebsd.org
cc: Andrew Gallatin
Subject: Re: Excellent job on the firewire support!
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
X-List-Received-Date: Fri, 23 Jul 2004 18:27:01 -0000

Brooks Davis wrote:
> On Fri, Jul 23, 2004 at 05:52:41PM +0300, Maxim Sobolev wrote:
>
>> Doug Rabson wrote:
>>
>>> On Wed, 2004-07-21 at 15:41, Andrew Gallatin wrote:
>>>
>>>> Doug Rabson writes:
>>>>
>>>>> Actually that's the only downside of dcons. It doesn't cut in until the
>>>>> firewire controller attaches. It relies on the fact that the fwohci
>>>>> driver allows access to physical memory from any node on the bus
>>>>> (implemented in hardware so you can examine the memory of a hung
>>>>> machine). The dconschat program uses this feature to access the dcons
>>>>> ring buffers in the target machine.
>>>>
>>>> Does remote access to physical memory require dcons to be loaded
>>>> on the target?
>>>
>>> No. The remote access to physical memory is a hardware-implemented
>>> feature of the firewire ohci hardware. It's enabled in fwohci_attach().
>>> In the long term, I would like to restrict this a bit but right now all
>>> you have to have is fwohci loaded on the target machine.
>>
>> It would be nice to have some sysctl with which to disable such access, since
>> it is a BAD THING[tm] from the security POV.
>
> In high security environments, they use a tube of epoxy. ;-)

Heh, I know, Poul in his GBDE talk mentioned that something like that makes
a perfect pair for each firewire connector. ;)

Actually he painted an even blacker picture - he was saying that such direct
memory access is mandatory for all firewire controllers and that there is no
way to turn it off. It is nice to hear that it is off after cold boot and is
possible to turn off from the device driver.

-Maxim