projects / linux-4.9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2380ae0) | patch
PCI: Lock down BAR access when securelevel is enabled
authorMatthew Garrett <mjg59@srcf.ucam.org>
Thu, 8 Mar 2012 15:10:38 +0000 (10:10 -0500)
committerYves-Alexis Perez <corsac@debian.org>
Wed, 21 Feb 2018 15:29:03 +0000 (15:29 +0000)
commit72c010c9f8bd34922f7084b97142a8b3d03ce028
tree265179af7019befff8832d27f7c922e17ede164atree | snapshot
parent2380ae013f8c2ac5fc9dfa9d86348f6af8b6461fcommit | diff
PCI: Lock down BAR access when securelevel is enabled

Any hardware that can potentially generate DMA has to be locked down from
userspace in order to avoid it being possible for an attacker to modify
kernel code. This should be prevented if securelevel has been set. Default
to paranoid - in future we can potentially relax this for sufficiently
IOMMU-isolated devices.

Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Gbp-Pq: Topic features/all/securelevel
Gbp-Pq: Name pci-lock-down-bar-access-when-securelevel-is-enabled.patch
drivers/pci/pci-sysfs.c diff | blob | history
drivers/pci/proc.c diff | blob | history
drivers/pci/syscall.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.