PCI: Lock down BAR access when securelevel is enabled
author Matthew Garrett <mjg59@srcf.ucam.org>
Thu, 8 Mar 2012 15:10:38 +0000 (10:10 -0500)
committer Ben Hutchings <ben@decadent.org.uk>
Thu, 30 Mar 2017 01:16:33 +0000 (01:16 +0000)
commit 39975f26472ec1549da02d8fe7e2a8c15278cec5
tree 912219213f235c4a1f1c444fda1f91fe7a4cef59
parent c146479f1625b0b621a4fb757b4e49dfc0d662ef
PCI: Lock down BAR access when securelevel is enabled

Any hardware that can potentially generate DMA has to be locked down from
userspace in order to avoid it being possible for an attacker to modify
kernel code. This should be prevented if securelevel has been set. Default
to paranoid - in future we can potentially relax this for sufficiently
IOMMU-isolated devices.

Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Gbp-Pq: Topic features/all/securelevel
Gbp-Pq: Name pci-lock-down-bar-access-when-securelevel-is-enabled.patch
drivers/pci/pci-sysfs.c
drivers/pci/proc.c
drivers/pci/syscall.c