Bug#336220: xdm: bogus /dev/mem access lead to trouble on arm platforms
On Mon, Sep 17, 2007 at 08:55:49AM +0200, Brice Goglin wrote:
> > > On arm platforms where physical RAM doesn't start at physical address
> > > zero, opening /dev/mem and reading from it causes a kernel oops. This
> > > is arguably a kernel bug, but it's still not a very good idea to just
> > > start randomly poking around in /dev/mem in search of entropy, which is
> > > what xdm does if it can't get entropy elsewhere.
> > >
> > > (When the kernel is fixed, blindly reading from /dev/mem will simply
> > > just fail with EFAULT instead of oopsing. If that will cause xdm to
> > > fail, it should really just fail right away if /dev/random doesn't work.)
> >
> > xdm seems to try /dev/urandom first nowadays (before /dev/random and then
> > /dev/mem). I don't whether arm systems have a /dev/urandom, but it seems
> > more likely than having a /dev/random.
> >
> > I don't know which version of xdm you were running when you reported this
> > problem (Xorg 6.8.2 was the latest release on 2005/10/28). But it was at
> > the same time that the urandom support has been added upstream (in Xorg
> > 6.9.99.902 on 2005/10/29).
> >
> > So please test with a more recent xdm and report back whether it helps.
>
> Ping?
I'm not sure what to reply to this.
The problem is not that xdm doesn't check /dev/urandom first, the
problem is that it reads from /dev/mem _at all_.
It is possible that checking /dev/urandom first masks the problem
in most configurations, but it doesn't solve it (if you don't have
/dev/random and /dev/urandom in your filesystem for whatever reason,
you still oops.)
Reply to: