On Wed, 2018-11-07 at 22:56 +0100, Samuel Thibault wrote: > Adam Jackson, le mer. 07 nov. 2018 15:09:58 -0500, a ecrit: > > Because the kernel is the one thing in a position to enforce access > > exclusion. > > root-owned processes can still use ioperm to get access to io ports and > break that.
Maybe on your kernel. Mine doesn't allow ioperm even for root. > > If you try to implement this with a userspace arbiter then > > all you need to do to break it is run an old version of libpciaccess. > > Sure. Except if ioperm is allowed only for the pci arbiter. ... but that's all you need. Call ioperm, if it succeeds you must be the arbiter, so you install the x86 backend. If it fails you use the arbiter backend. There's no reason for pci_system_init()'s caller to care. - ajax _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
