Subject: Re: some questions
To: Pavel Cahyna <pavel.cahyna@st.mff.cuni.cz>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: port-xen
Date: 01/07/2006 11:54:55

On Sat, Jan 07, 2006 at 08:59:38AM +0100, Pavel Cahyna wrote:
> On Sat, Jan 07, 2006 at 05:44:50AM +0100, Manuel Bouyer wrote:
> > On Sat, Jan 07, 2006 at 01:14:49AM +0100, Pavel Cahyna wrote:
> > > Why?
> > > 
> > > If you have root in a domU, you don't need a kernel bug to use DMA, which
> > > opens the door to dom0.
> > 
> > How do you get access to the DMA register if you don't take control over
> > the kernel?
> 
> i386_iopl?

int
i386_iopl(l, args, retval)
{
[...]
	if (securelevel > 1)
		return EPERM;

Of course what I said relies on the kernel starting at securelevel 1, which
I said in a previous mail.

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 26 years of experience will always make the difference
--