From: Alex Williamson <alex.williamson@redhat.com>
To: Andy Lutomirski <luto@kernel.org>
Cc: Matthew Garrett <matthewgarrett@google.com>,
James Morris <jmorris@namei.org>,
LSM List <linux-security-module@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
David Howells <dhowells@redhat.com>,
Linux API <linux-api@vger.kernel.org>,
Matthew Garrett <mjg59@srcf.ucam.org>,
Matthew Garrett <mjg59@google.com>,
Bjorn Helgaas <bhelgaas@google.com>,
linux-pci@vger.kernel.org
Subject: Re: [PATCH V31 10/25] PCI: Lock down BAR access when the kernel is locked down
Date: Tue, 26 Mar 2019 15:19:03 -0600 [thread overview]
Message-ID: <20190326151903.257724d5@x1.home> (raw)
In-Reply-To: <CALCETrW43Syz-deM-fGUCbWfA8tcsoCJJ5XqjFhpg+d0sNYDRA@mail.gmail.com>
On Tue, 26 Mar 2019 13:55:39 -0700
Andy Lutomirski <luto@kernel.org> wrote:
> On Tue, Mar 26, 2019 at 11:28 AM Matthew Garrett
> <matthewgarrett@google.com> wrote:
> >
> > From: Matthew Garrett <mjg59@srcf.ucam.org>
> >
> > Any hardware that can potentially generate DMA has to be locked down in
> > order to avoid it being possible for an attacker to modify kernel code,
> > allowing them to circumvent disabled module loading or module signing.
> > Default to paranoid - in future we can potentially relax this for
> > sufficiently IOMMU-isolated devices.
>
> Does this break vfio?
No, vfio provides its own interface to pci config space. Thanks,
Alex
next prev parent reply other threads:[~2019-03-26 21:19 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-26 18:27 [PATCH V31 00/25] Add support for kernel lockdown Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 01/25] Add the ability to lock down access to the running kernel image Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 02/25] Enforce module signatures if the kernel is locked down Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 03/25] Restrict /dev/{mem,kmem,port} when " Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 04/25] kexec_load: Disable at runtime if " Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 05/25] Copy secure_boot flag in boot params across kexec reboot Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 06/25] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE Matthew Garrett
2019-06-21 6:34 ` Dave Young
2019-06-21 20:13 ` Matthew Garrett
2019-06-21 20:14 ` Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down Matthew Garrett
2019-06-21 6:43 ` Dave Young
2019-06-21 20:18 ` Matthew Garrett
2019-06-24 1:52 ` Dave Young
2019-06-24 21:06 ` Matthew Garrett
2019-06-24 21:27 ` Mimi Zohar
2019-06-25 0:02 ` Matthew Garrett
2019-06-25 1:46 ` Mimi Zohar
2019-06-25 2:51 ` Dave Young
2019-03-26 18:27 ` [PATCH V31 08/25] hibernate: Disable when " Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 09/25] uswsusp: " Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 10/25] PCI: Lock down BAR access " Matthew Garrett
2019-03-26 20:55 ` Andy Lutomirski
2019-03-26 21:19 ` Alex Williamson [this message]
2019-03-26 18:27 ` [PATCH V31 11/25] x86: Lock down IO port " Matthew Garrett
2019-03-26 20:56 ` Andy Lutomirski
2019-03-26 18:27 ` [PATCH V31 12/25] x86/msr: Restrict MSR " Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 13/25] ACPI: Limit access to custom_method " Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 14/25] acpi: Ignore acpi_rsdp kernel param when the kernel has been " Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 15/25] acpi: Disable ACPI table override if the kernel is " Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 16/25] Prohibit PCMCIA CIS storage when " Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 17/25] Lock down TIOCSSERIAL Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 18/25] Lock down module params that specify hardware parameters (eg. ioport) Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 19/25] x86/mmiotrace: Lock down the testmmiotrace module Matthew Garrett
2019-03-27 15:57 ` Steven Rostedt
2019-03-27 16:55 ` Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 20/25] Lock down /proc/kcore Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 21/25] Lock down kprobes when in confidentiality mode Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 22/25] bpf: Restrict bpf when kernel lockdown is " Matthew Garrett
2019-03-26 19:21 ` Andy Lutomirski
2019-03-26 18:27 ` [PATCH V31 23/25] Lock down perf when " Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 24/25] lockdown: Print current->comm in restriction messages Matthew Garrett
2019-03-26 18:27 ` [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down Matthew Garrett
2019-03-26 19:20 ` Andy Lutomirski
2019-03-26 19:21 ` Matthew Garrett
2019-03-27 0:30 ` Greg KH
2019-03-27 4:29 ` Andy Lutomirski
2019-03-27 5:06 ` Greg KH
2019-03-27 5:29 ` Andy Lutomirski
2019-03-27 5:33 ` Greg KH
2019-03-27 16:53 ` James Morris
2019-03-27 17:39 ` Andy Lutomirski
2019-03-27 17:42 ` Matthew Garrett
2019-03-27 18:29 ` Greg KH
2019-03-27 18:31 ` Greg KH
2019-03-27 0:31 ` Greg KH
2019-03-27 2:06 ` Matthew Garrett
2019-03-27 2:35 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190326151903.257724d5@x1.home \
--to=alex.williamson@redhat.com \
--cc=bhelgaas@google.com \
--cc=dhowells@redhat.com \
--cc=jmorris@namei.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=luto@kernel.org \
--cc=matthewgarrett@google.com \
--cc=mjg59@google.com \
--cc=mjg59@srcf.ucam.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).