Date: Thu, 6 Sep 2018 08:24:32 -0700 From: John Baldwin <jhb@FreeBSD.org> To: Shawn Webb <shawn.webb@hardenedbsd.org>, Alexander Motin <mav@FreeBSD.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r338494 - head/sys/cam/ctl Message-ID: <51c27534-8cc2-cd30-dd53-77fd7ad5bdf7@FreeBSD.org> In-Reply-To: <20180906145421.7mejwhcfezwtsk4k@mutt-hbsd> References: <201809061403.w86E3AUm097915@repo.freebsd.org> <20180906145421.7mejwhcfezwtsk4k@mutt-hbsd>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/6/18 7:54 AM, Shawn Webb wrote: > On Thu, Sep 06, 2018 at 02:03:10PM +0000, Alexander Motin wrote: >> Author: mav >> Date: Thu Sep 6 14:03:10 2018 >> New Revision: 338494 >> URL: https://svnweb.freebsd.org/changeset/base/338494 >> >> Log: >> Add missing copyin() to access LUN and port ioctl arguments. >> >> Somehow this was working even after PTI in, at least on amd64, and got >> broken by something only very recently. > > Is anyone investigating why the direct access still worked? PTI doesn't disable kernel access to user pages, it only disables translation of kernel virtual addresses while in user mode. The thing that catches this type of access is SMAP (which was only recently enabled on x86). -- John Baldwin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51c27534-8cc2-cd30-dd53-77fd7ad5bdf7>