grsecurity forums

Skip to content

allowed mmap of /dev/kmem?

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.
Topic locked

allowed mmap of /dev/kmem?

Postby grsecuser » Tue Jun 28, 2005 10:14 am

I am using grsecurity-2.1.6-2.4.31-200506141150. Over a year ago I downloaded a regression test from grsec cvs that tested writing to /dev/kmem, etc (it seems to have been removed from CVS in the meantime). I noticed after I upgraded that it says

Code: Select all
Testing denied write of /dev/mem... : PASSED
Testing denied mmap write of /dev/kmem... : FAILED
Testing denied open of /dev/port... : PASSED
Testing denied write of /dev/kmem... : PASSED
Testing denied mmap write of /dev/kmem... : FAILED


I think the first "Testing denied mmap write of /dev/kmem" should say "Testing denied mmap write of /dev/mem". The mmap testing code is

Code: Select all
fd = open("/dev/kmem", O_RDWR);

retp = mmap(NULL, 1000, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);

close(fd);
       
if (retp == MAP_FAILED)
    printf("PASSED\n");
else
    printf("FAILED\n");


On a machine running 2.1.5-2.4.30-200504082027, all the tests pass as expected.

Is this something I should be concerned about? I saw mention of kmem changes related to ATI video cards in the announcement, but this machine has an S3 card in it.

Thanks!
grsecuser
 
Posts: 3
Joined: Tue Jun 28, 2005 9:31 am
Top

Postby spender » Wed Jun 29, 2005 6:32 pm

The regression test was wrong. It tested by writing to an area of physical memory not involved with the kernel image which needs to be written to by some video cards. I've fixed the regression test.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
Top
Topic locked

Return to grsecurity support

Powered by phpBB® Forum Software © phpBB Group
cron