[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

a small C program to test xdm's /dev/mem reading on your architecture



The long story, for those interested:

http://lists.debian.org/debian-x/2002/debian-x-200208/msg00091.html

(and read the whole thread)

The short story:

I need people with root on machines of your given architecture to
compile and run the attached C program.  It consists of code borrowed
from xdm's genauth.c program.

The X Strike Force is trying to determine for which architectures it's a
bad idea to read several megabytes of data sequentially from /dev/mem,
because this is exactly what XDM currently does when generating an
XDM-AUTHORIZATION-1 cookie.

Be warned: on at least some architectures (notably IA-64), this sort of
read has been known to cause untrapped machine checks (a.k.a., lockups
or spontaneous reboots).  Arguably the kernel should trap this sort of
nonsense, so you may be in the mood to file a bug against "kernel" after
running this program.

I and the other folks at the X Strike Force need to know the following
things:

1) whether or not this program works when you run it without arguments
2) if scenario 1) causes problems, what the last line of output was
3) if scenario 1) causes problems, whether invoking this program with
the argument "fragile" helps it
4) if scenario 3) causes problems, what the last line of output was

Remember, this program must be run as root.  If normal users can read
from /dev/mem on your machine, you're in trouble.  :)

-- 
G. Branden Robinson                |     No math genius, eh?  Then perhaps
Debian GNU/Linux                   |     you could explain to me where you
branden@debian.org                 |     got these...       PENROSE TILES!
http://people.debian.org/~branden/ |     -- Stephen R. Notley
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>

#define FILE_LIMIT 1024

static int
sumFile (char *name, long sum[2], int dofragile)
{
    long    buf[1024*2];
    int	    cnt;
    int	    fd;
    int	    loops;
    int	    reads;
    int	    i;
    int     ret_status = 0;

    fd = open (name, O_RDONLY);
    if (fd < 0) {
	fprintf(stderr, "Cannot open randomFile \"%s\" (%s)\n", name, strerror(errno));
	return 0;
    }
    if (dofragile) {
	if (strcmp(name, "/dev/mem") == 0) lseek (fd, (off_t) 0x100000, SEEK_SET);
    }
    reads = FILE_LIMIT;
    sum[0] = 0;
    sum[1] = 0;
    while ((cnt = read (fd, (char *) buf, sizeof (buf))) > 0 && --reads > 0) {
	printf("read #%d of %d bytes \n", (FILE_LIMIT - reads + 1), sizeof (buf));
	loops = cnt / (2 * sizeof (long));
	for (i = 0; i < loops; i+= 2) {
	    sum[0] += buf[i];
	    sum[1] += buf[i+1];
	    ret_status = 1;
	}
    }
    if (cnt < 0)
	fprintf(stderr, "Cannot read randomFile \"%s\" (%s)\n", name, strerror(errno));
    close (fd);
    return ret_status;
}

int main(int argc, char *argv[])
{
    int status;
    int dofragile = 0;
    long checksum[2];
    char *filename = "/dev/mem";

    if (argv[1] != NULL && (strncmp(argv[1], "fragile", 7) == 0)) {
	dofragile = 1;
    }
    printf("Reading data from %s%s...\n", (dofragile ? "(fragile) " : ""), filename);
    status = sumFile(filename, checksum, dofragile);
    printf("done with read of %s%s (returned %d).\n", (dofragile ? "(fragile) " : ""), filename, status);
    printf("sumFile() %s.\n", (status ? "succeeded" : "failed" ));

    exit(0);
}

Attachment: pgpoyBNa7FY2u.pgp
Description: PGP signature


Reply to: