Re: cpuctl(formely devcpu) patch test request

From: Coleman Kane <cokane_at_FreeBSD.org>
Date: Mon, 16 Jun 2008 14:42:41 -0400
On Mon, 2008-06-16 at 22:27 +0400, Stanislav Sedov wrote:
> On Mon, 16 Jun 2008 19:10:17 +0100
> "Rui Paulo" <rpaulo_at_FreeBSD.org> mentioned:
> 
> > There's no security issue here.
> > If the system administrator is concerned about "security" of cpuctl,
> > he/she just has to compile-out cpuctl or remove the module from the
> > file system.
> > 
> 
> Well, in this case it would be possible to load that again. Setting
> a non-zero securelevel or implementing a specific MAC policy might
> be a more correct solution. cpuctl(4) won't allow any MSR operations
> if securelevel is above zero.
> 

Is it potentially "unsafe" to use RDMSR?

-- 
Coleman Kane

Received on Mon Jun 16 2008 - 16:54:48 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:32 UTC