PCI: Lock down BAR access when securelevel is enabled
author Matthew Garrett <mjg59@srcf.ucam.org>
Thu, 8 Mar 2012 15:10:38 +0000 (10:10 -0500)
committer Yves-Alexis Perez <corsac@debian.org>
Fri, 9 Feb 2018 12:58:52 +0000 (12:58 +0000)
commit d68a26ac29728d8d62fda7b8e0114b152bad3487
tree 0a2ad01514e8f71343ca67143e72224b6af1a17e
parent 81be0aeaa9328142354ed3e056f1138e0663e60b
PCI: Lock down BAR access when securelevel is enabled

Any hardware that can potentially generate DMA has to be locked down from
userspace in order to avoid it being possible for an attacker to modify
kernel code. This should be prevented if securelevel has been set. Default
to paranoid - in future we can potentially relax this for sufficiently
IOMMU-isolated devices.

Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Gbp-Pq: Topic features/all/securelevel
Gbp-Pq: Name pci-lock-down-bar-access-when-securelevel-is-enabled.patch
drivers/pci/pci-sysfs.c
drivers/pci/proc.c
drivers/pci/syscall.c