-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/21/2016 10:16 AM, ron minnich wrote: > > > On Mon, Nov 21, 2016 at 7:53 AM Timothy Pearson > <tpear...@raptorengineering.com <mailto:tpear...@raptorengineering.com>> > wrote: > > > > A quick check through the source seems to indicate that the generic > pci_set_resource function will enable bus mastering on any PCI bridges. > From that point on, if I'm not mistaken, any malicious device that > exposed a bridge interface could enable mastering for any logical > devices behind the bridge and attack the host. Am I missing something? > > > probably not. Back in the early days this kind of thing was not an issue.
I hear you on this. Now, with many peripherals running a complex on-card operating system and on-card bridges being the norm, this has become a significant security hole that we should work toward mitigating. > We've always had to adjust for limits in the kernels we support. We have > a PCI subsystem mainly because, in 2000, linux could not handle an > unconfigured PCI bus -- it interpreted a "0 bar" as meaning "device > disabled by BIOS" -- really! Not surprised by this. Unfortunately, from what we've seen, Linux hasn't gotten much better at configuring bridges. > I suspect the BME enable on bridges was done because Linux or other > guests didn't know how to configure bridges correctly. But Linux and > other kernels are a lot better now than they were; I wonder if we should > stop enabling BME on bridges. It's worth a try. I suspect Linux won't re-enable BM on bridges that were otherwise configured, but I haven't looked over that part of the code in a while either. > In any event, however, if we make this change it should be done in small > steps, and I think a good first small step is to start with things that > *look* obvious, like the aforementioned NIC. I am going to submit a CL > today to remove BME from that and see how much upset it causes :-) Sounds good. - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJYMyCfAAoJEK+E3vEXDOFbTHAH/2Q2qp1wiDL3eVTrmuYk0IuR bAYW3Ldl/lXwKBPVd4FRjuzhr0uUqkpCNln58qlE3xmktRkOoRJ07LqZj3Ex8KKi XEdQ2YDT+hGbGd6aQPX5nK8dUCkIpBuZrPpd4S5GNLzmINRmoVh1KhilwkaeNWn2 5Qnp9IHq1jhrCRhUQl9/Q/1AphCcV15ebjCGOuRxpw0qenSJeefEzX/UZVbdXPjX myshFFdzuGoMFVJcbI0PnzyoIcMyXJHVwaMch7a8IIbTCz6zT711K8teACRATyps b4fic19O4KzyU9Zxegl6iEZn3+U2r+buQuhWOGElAEP3n9Gjy8GnJ4hNEOfAfus= =YSkm -----END PGP SIGNATURE----- -- coreboot mailing list: coreboot@coreboot.org https://www.coreboot.org/mailman/listinfo/coreboot