Subject: Re: X woes
To: Charles M. Hannum <mycroft@ai.mit.edu>
From: Zdenek Salvet <salvet@nyx.dcs.muni.cz>
List: port-i386
Date: 04/26/1995 08:15:35
Charles M. Hannum wrote:
>
> Are the people having trouble with X using the `aperture driver'? If
> so, did you recompile it? The format of the device switch table has
> changed slightly, and no doubt that `driver' is out of date. Notably,
> the mmap pointer is in a different position.
I have just looked into aperture driver source and found this:
#define VGA_START 0xA0000
#define VGA_END 0xBFFFF
/*
* mmap() physical memory sections
*
* allow only section in the vga framebuffer and above main memory
* to be mapped
*/
int
apmmap(dev_t dev, int offset, int length)
{
if ((minor(dev) == 0)
&& (offset >= VGA_START && offset <= VGA_END
|| (unsigned)offset > (unsigned)ctob(physmem))) {
return i386_btop(offset);
} else {
return(-1);
}
}
I wonder why "length" argument is not checked/used.
Could be aperture driver secure if it would do such checks ?
(root only allowed to write directly into framebuffer)