Ronald G Minnich <[EMAIL PROTECTED]> writes: > Some cards (DARPA SLAAC-II) have register sets that are direct-mapped into > user space. One register set on the SLAAC-II is 256 bytes. > > On some BIOSes the SLAAC-II register set was mapped onto the same physical > page as the IDE controller memory-mapped registers. A user program which > mmap'ed the SLAAC-II registers would have direct access to the SLAAC-II > register set AND the IDE register set. Misbehaving SLAAC-II programs could > thus scribble random junk into the IDE register set with predictably bad > results. Since on some controllers some bit-patterns mean "format the > drive" this could be very bad.
Agreed, a good thing to avoid. I would go farther and say this is a 50% driver bug in that it allowed the memory to be mmapped when it didn't know it was the only device on that page. This should be fairly easy to detect. > It's why in my linuxbios PCI setup code I round all BAR sizes to 4096 > bytes ... But there is no point in forcing drivers to support allocating their own address spaces. Eric
