10 May
2011
10 May
'11
8:07 a.m.
Am Montag, den 09.05.2011, 22:48 -0700 schrieb Stefan Reinauer:
Are there way to make port access without iopl()?
No. The whole reason of CONFIG_GRKERSEC_IO is to prevent you from running tools like flashrom. ;-)
Which is (although there is a smiley) not a joke. Hardware drivers belong to the kernel, which is deemed "trusted" in models like grsecurity, and anything doing direct hardware access circumventing the kernel is deemed to be evil. So it does not target flashrom in special, but it is meant in fact for (or more likely against) programs "like flashrom". I would not be surprised if grsecurity also prevents r/w mapping of the BIOS chip.
Regards, Michael Karcher