Linux-Security-Module Archive on lore.kernel.org
* Should PCI "new_id" support be disabled when kernel is locked down?
@ 2019-09-04 15:59 Ian Abbott
  2019-09-04 16:47 ` Matthew Garrett
  0 siblings, 1 reply; 2+ messages in thread
From: Ian Abbott @ 2019-09-04 15:59 UTC
  To: linux-security-module; +Cc: linux-pci

Hello,

The "new_id" PCI driver sysfs attribute can be used to make an arbitrary 
PCI driver match an arbitrary PCI vendor/device ID.  That could easily 
crash the kernel or at least make it do weird things if used 
inappropriately.  Is this scenario in scope for the "lockdown" security 
module?

-- 
-=( Ian Abbott <abbotti@mev.co.uk> || Web: www.mev.co.uk )=-
-=( MEV Ltd. is a company registered in England & Wales. )=-
-=( Registered number: 02862268.  Registered address:    )=-
-=( 15 West Park Road, Bramhall, STOCKPORT, SK7 3JZ, UK. )=-


* Re: Should PCI "new_id" support be disabled when kernel is locked down?
  2019-09-04 15:59 Should PCI "new_id" support be disabled when kernel is locked down? Ian Abbott
@ 2019-09-04 16:47 ` Matthew Garrett
  0 siblings, 0 replies; 2+ messages in thread
From: Matthew Garrett @ 2019-09-04 16:47 UTC
  To: Ian Abbott; +Cc: LSM List, linux-pci

On Wed, Sep 4, 2019 at 9:12 AM Ian Abbott <abbotti@mev.co.uk> wrote:
>
> Hello,
>
> The "new_id" PCI driver sysfs attribute can be used to make an arbitrary
> PCI driver match an arbitrary PCI vendor/device ID.  That could easily
> crash the kernel or at least make it do weird things if used
> inappropriately.  Is this scenario in scope for the "lockdown" security
> module?

Crashing the kernel isn't really a concern - the issue is more whether
it's possible to get a driver to perform a sufficient number of writes
to a device that it can in turn cause the device to overwrite the
kernel in a controlled manner. This seems theoretically possible, but
I think I'm inclined to leave it as is unless someone demonstrates
that it's more than theoretical.
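
Added example, not part of the original thread or of any kernel tooling: a small audit that reports the active lockdown mode and lists the PCI drivers exposing the "new_id" attribute discussed above, so an administrator can see how many such attributes remain on a locked-down host. The root-directory argument and the SYSFS_ROOT variable are assumptions of this example, used so it can be pointed at a constructed tree; on a live system the root is /sys.

```shell
#!/bin/sh
# Added example: inventory of "new_id" attributes alongside the lockdown mode.
# The optional first argument (sysfs root) is an assumption of this example.

# Print the active lockdown mode. The kernel marks it with brackets, e.g.
# "none [integrity] confidentiality".
lockdown_mode() {
    f="${1:-/sys}/kernel/security/lockdown"
    if [ ! -r "$f" ]; then
        # File missing or unreadable: lockdown LSM absent, securityfs not
        # mounted, or insufficient privilege.
        echo "unavailable"
        return 0
    fi
    mode=$(sed -n 's/.*\[\([a-z]*\)].*/\1/p' "$f")
    # No bracketed entry found: report that instead of an empty string.
    [ -n "$mode" ] || mode="unknown"
    echo "$mode"
}

# Print one driver name per line for every PCI driver directory that
# contains a new_id attribute.
new_id_drivers() {
    for attr in "${1:-/sys}"/bus/pci/drivers/*/new_id; do
        [ -e "$attr" ] || continue   # glob matched nothing
        basename "$(dirname "$attr")"
    done
}

# One summary line that a monitoring job can log or compare over time.
audit_new_id() {
    root="${1:-/sys}"
    count=$(new_id_drivers "$root" | wc -l | tr -d ' ')
    echo "lockdown=$(lockdown_mode "$root") new_id_drivers=$count"
}

audit_new_id "${SYSFS_ROOT:-/sys}"
```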
