Re: [GIT PULL] Kernel lockdown for secure boot

From: Alan Cox
Date: Thu Apr 05 2018 - 14:00:20 EST

Next message: Bjorn Andersson: "Re: [PATCH v6 2/2] dt-bindings: introduce Command DB for QCOM SoCs"
Previous message: Bjorn Andersson: "Re: [PATCH v6 1/2] drivers: qcom: add command DB driver"
In reply to: David Howells: "Re: [GIT PULL] Kernel lockdown for secure boot"
Next in thread: Matthew Garrett: "Re: [GIT PULL] Kernel lockdown for secure boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> How? When there are random DMA-capable PCI devices that are driven by
> userland tools that are mmap()ing the BARs out of sysfs, how do we
> simultaneously avoid breaking those devices while also preventing the
> majority of users from being vulnerable to an attacker just DMAing over the
> kernel?

VT-D

Next message: Bjorn Andersson: "Re: [PATCH v6 2/2] dt-bindings: introduce Command DB for QCOM SoCs"
Previous message: Bjorn Andersson: "Re: [PATCH v6 1/2] drivers: qcom: add command DB driver"
In reply to: David Howells: "Re: [GIT PULL] Kernel lockdown for secure boot"
Next in thread: Matthew Garrett: "Re: [GIT PULL] Kernel lockdown for secure boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]