| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <51492828.5070803@zytor.com> Date: Tue, 19 Mar 2013 20:08:24 -0700 From: "H. Peter Anvin" <hpa@...or.com> To: Matthew Garrett <matthew.garrett@...ula.com> CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "linux-security-module@...r.kernel.org" <linux-security-module@...r.kernel.org>, "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>, "kexec@...ts.infradead.org" <kexec@...ts.infradead.org>, "linux-pci@...r.kernel.org" <linux-pci@...r.kernel.org> Subject: Re: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL On 03/19/2013 07:48 PM, H. Peter Anvin wrote: > On 03/19/2013 06:28 PM, Matthew Garrett wrote: >> Mm. The question is whether we can reliably determine the ranges a device should be able to access without having to trust userspace (and, ideally, without having to worry about whether iommu vendors have done their job). It's pretty important for PCI passthrough, so we do need to care. > > It is actually very simple: the device should be able to DMA into/out of: > > 1. pinned pages > 2. owned by the process controlling the device > > ... and nothing else. > The "pinning" process needs to involve a call to the kernel to process the page for DMA (pinning the page and opening it in the iommu) and return a transaction address, of course. I think we have the interface for that in vfio, but I haven't followed that work. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists