projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9b7ce11) | patch
PCI: Lock down BAR access when securelevel is enabled
authorMatthew Garrett <mjg59@srcf.ucam.org>
Thu, 8 Mar 2012 15:10:38 +0000 (10:10 -0500)
committerBen Hutchings <ben@decadent.org.uk>
Mon, 12 Jun 2017 15:24:30 +0000 (15:24 +0000)
commitebf9ee693b26897b5344869c7d852964d1d30488
treeba81df52e1d371bb54f5def39f4d14194147f796tree | snapshot
parent9b7ce11d0de251e68938cba48d40198cea5392bacommit | diff
PCI: Lock down BAR access when securelevel is enabled

Any hardware that can potentially generate DMA has to be locked down from
userspace in order to avoid it being possible for an attacker to modify
kernel code. This should be prevented if securelevel has been set. Default
to paranoid - in future we can potentially relax this for sufficiently
IOMMU-isolated devices.

Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Gbp-Pq: Topic features/all/securelevel
Gbp-Pq: Name pci-lock-down-bar-access-when-securelevel-is-enabled.patch
drivers/pci/pci-sysfs.c diff | blob | history
drivers/pci/proc.c diff | blob | history
drivers/pci/syscall.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.