From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S934387AbcKWT3o (ORCPT <rfc822;w@1wt.eu>);
        Wed, 23 Nov 2016 14:29:44 -0500
Received: from isilmar-4.linta.de ([136.243.71.142]:52784 "EHLO
        isilmar-4.linta.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S933604AbcKWT3m (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 23 Nov 2016 14:29:42 -0500
Date: Wed, 23 Nov 2016 20:21:43 +0100
From: Dominik Brodowski <linux@dominikbrodowski.net>
To: David Howells <dhowells@redhat.com>
Cc: keyrings@vger.kernel.org, matthew.garrett@nebula.com,
        linux-security-module@vger.kernel.org, linux-efi@vger.kernel.org,
        linux-kernel@vger.kernel.org, gnomes@lxorguk.ukuu.org.uk
Subject: Re: [PATCH] Lock down drivers that can have io ports, io mem, irqs
 and dma changed
Message-ID: <20161123192143.GA482@light.dominikbrodowski.net>
References: <20161122061233.GA4762@light.dominikbrodowski.net>
 <20161116222731.563fb85e@lxorguk.ukuu.org.uk>
 <147933283664.19316.12454053022687659937.stgit@warthog.procyon.org.uk>
 <26173.1479769852@warthog.procyon.org.uk>
 <8342.1479905906@warthog.procyon.org.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <8342.1479905906@warthog.procyon.org.uk>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Nov 23, 2016 at 12:58:26PM +0000, David Howells wrote:
> Dominik Brodowski <linux@dominikbrodowski.net> wrote:
> 
> > You might also need to disable CIS overrides and CIS firmware loading for
> > PCMCIA drivers, I presume. That needs two changes:
> > 
> > 	- Abort in drivers/pcmcia/ds.c::pcmcia_load_firmware() or disable
> > 	  the CONFIG_PCMCIA_LOAD_CIS config option permanently.
> 
> This really ought to be handled through signature checking in
> request_firmware().
> 
> > 	- Abort in drivers/pcmcia/cistpl.c::pccard_store_cis() or remove
> > 	  write access to the "cis" file in
> > 	  drivers/pcmcia/cistpl.c::pccard_cis_attr
> 
> What is that doing?  Allowing the device to be reconfigured?

Exactly. It is a different interface for updating the firmware -- which
includes ioports etc. In theory, any access should be limited to areas which
are registered to the bridge devices. But you never know...

Best
	Dominik