Re: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL

From: Matthew Garrett
Date: Tue Mar 19 2013 - 21:28:25 EST

Next message: Stephen Warren: "Re: [Regression] process hangs due to "USB: EHCI: work around siliconbug in Intels EHCI controllers""
Previous message: Namhyung Kim: "Re: [PATCH 8/9] perf util: Get rid of die() calls in trace-data-read.c"
In reply to: Matthew Garrett: "Re: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL"
Next in thread: H. Peter Anvin: "Re: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Mm. The question is whether we can reliably determine the ranges a device should be able to access without having to trust userspace (and, ideally, without having to worry about whether iommu vendors have done their job). It's pretty important for PCI passthrough, so we do need to care.
--
Matthew Garrett | matthew.garrett@xxxxxxxxxxèº{.nÇ+‰·Ÿ®‰†+%ŠËlzwm…ébëæìr¸›zX§»®w¥Š{ayºÊÚë,j¢f£¢·hš‹àz¹®w¥¢¸¢·¦j:+v‰¨ŠwèjØm¶Ÿÿ¾«‘êçzZ+ƒùšŽŠÝj"ú!¶iO•æ¬z·švØ^¶m§ÿðÃnÆàþY&—

Next message: Stephen Warren: "Re: [Regression] process hangs due to "USB: EHCI: work around siliconbug in Intels EHCI controllers""
Previous message: Namhyung Kim: "Re: [PATCH 8/9] perf util: Get rid of die() calls in trace-data-read.c"
In reply to: Matthew Garrett: "Re: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL"
Next in thread: H. Peter Anvin: "Re: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]