ChanServ changed the topic of #armlinux to: ARM kernel talk [Upstream kernel, find your vendor forums for questions about their kernels] | https://libera.irclog.whitequark.org/armlinux
heat is now known as _Heat
_Heat is now known as memheat
memheat is now known as heat
mraynal has quit [Remote host closed the connection]
mraynal has joined #armlinux
rbatty has joined #armlinux
apritzel has quit [Ping timeout: 256 seconds]
sakman has quit [Quit: Leaving]
rbatty has quit [Remote host closed the connection]
rbatty has quit [Remote host closed the connection]
amitk has joined #armlinux
amitk has quit [Client Quit]
sakman has joined #armlinux
monstr has joined #armlinux
heat has quit [Ping timeout: 276 seconds]
iivanov has joined #armlinux
rbatty has joined #armlinux
IgorPec has quit [Remote host closed the connection]
IgorPec has joined #armlinux
commodo has joined #armlinux
rbatty has quit [Remote host closed the connection]
rbatty has joined #armlinux
rbatty has quit [Read error: Connection reset by peer]
sakman has quit [Remote host closed the connection]
rbatty has joined #armlinux
rbatty has quit [Remote host closed the connection]
sakman has joined #armlinux
rbatty has joined #armlinux
rbatty has quit [Remote host closed the connection]
rbatty has joined #armlinux
rbatty has quit [Remote host closed the connection]
rbatty has joined #armlinux
gclement has joined #armlinux
rbatty has quit [Client Quit]
rbatty has joined #armlinux
rbatty has quit [Remote host closed the connection]
rbatty has joined #armlinux
apritzel has joined #armlinux
frieder has joined #armlinux
apritzel has quit [Ping timeout: 264 seconds]
biju has joined #armlinux
<biju>
Hi, is there a way to block a physical address from mmaping from user space and block ioremaping from kernal space?
<bjdooks>
I'm not sure, I haven't seen one
nsaenz has joined #armlinux
<geertu>
biju: For userspace, disable CONFIG_DEVMEM
prabhakarlad has joined #armlinux
headless has joined #armlinux
deathcamel57 has quit [Read error: Connection reset by peer]
<biju>
geertu: Ok, so by disabling the DEVMEM driver, there won't be any /dev/mem and we can avoid mmaping from userspace.
sszy has joined #armlinux
<biju>
What about using a custom module and module is exposing a mmap callback for the address locations not defined in DT? How do we prevent such scenario for application accessing that physical address through custom module in Linux?
nsaenz has quit [Remote host closed the connection]
<geertu>
biju: What about installing a module that allows to program dmac, vsp, ipmmu, ... from userspace? *BOOM*
<geertu>
If the attacker can install his own modules, and is root, SOL
<javierm>
biju, geertu: I think the solution is to enable the kernel lockdown feature. That will prevent exposing devmem and other unsafe interfaces and also prevents unsigned modules to be loaded, etc
nsaenz has joined #armlinux
nsaenz has quit [Remote host closed the connection]
nsaenz has joined #armlinux
atorgue has joined #armlinux
commodo has quit [Ping timeout: 260 seconds]
hays has joined #armlinux
headless has quit [Quit: Konversation terminated!]
cbeznea_ has joined #armlinux
apritzel has joined #armlinux
dhruvag2000 has joined #armlinux
mvaittin has joined #armlinux
suihkulokki has quit [Ping timeout: 245 seconds]
suihkulokki has joined #armlinux
deathcamel57 has joined #armlinux
rvalue has quit [Ping timeout: 252 seconds]
mripard has quit [Ping timeout: 255 seconds]
commodo has joined #armlinux
rvalue has joined #armlinux
commodo has quit [Remote host closed the connection]
<maz>
the one true way is to disallow userspace.
psydroid2 has joined #armlinux
<Guest4315>
maz: disallow the kernel too
<maz>
Guest4315: CONFIG_NR_CPUS=0
mripard has joined #armlinux
dhruvag2000 has quit [Quit: Connection closed for inactivity]
nsaenz has quit [Remote host closed the connection]
nsaenz has joined #armlinux
atorgue has quit [Quit: Client closed]
nsaenz_ has joined #armlinux
apritzel has quit [Remote host closed the connection]
apritzel has joined #armlinux
nsaenz has quit [Ping timeout: 260 seconds]
headless has joined #armlinux
nsaenz_ has quit [Remote host closed the connection]
nsaenz has joined #armlinux
sakman has quit [Quit: Leaving]
nsaenz has quit [Remote host closed the connection]
nsaenz has joined #armlinux
monstr has quit [Remote host closed the connection]
iivanov has quit [Quit: Leaving]
heat has joined #armlinux
gclement has quit [Ping timeout: 255 seconds]
heat has quit [Read error: Connection reset by peer]
gclement has joined #armlinux
heat has joined #armlinux
nsaenz has quit [Ping timeout: 268 seconds]
gclement has quit [Quit: Leaving.]
Lucanis has joined #armlinux
sszy has quit [Quit: No Ping reply in 180 seconds.]
sszy has joined #armlinux
apritzel has quit [Ping timeout: 255 seconds]
frieder has quit [Remote host closed the connection]
Perflosopher has quit [Quit: Ping timeout (120 seconds)]