Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932272Ab3CTB2V (ORCPT ); Tue, 19 Mar 2013 21:28:21 -0400 Received: from ch1ehsobe005.messaging.microsoft.com ([216.32.181.185]:1098 "EHLO ch1outboundpool.messaging.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754430Ab3CTB2T (ORCPT ); Tue, 19 Mar 2013 21:28:19 -0400 X-Forefront-Antispam-Report: CIP:157.56.236.101;KIP:(null);UIP:(null);IPV:NLI;H:BY2PRD0510HT003.namprd05.prod.outlook.com;RD:none;EFVD:NLI X-SpamScore: 2 X-BigFish: PS2(zzzz1f42h1ee6h1de0h1202h1e76h1d1ah1d2ahzz8275bhz2fh2a8h668h839h93fhd24hf0ah1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh162dh1631h1758h18deh18e1h1946h19b5h1ad9h1b0ah17ej1155h) From: Matthew Garrett To: "H. Peter Anvin" CC: "linux-kernel@vger.kernel.org" , "linux-security-module@vger.kernel.org" , "linux-efi@vger.kernel.org" , "kexec@lists.infradead.org" , "linux-pci@vger.kernel.org" Subject: Re: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL Thread-Topic: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL Thread-Index: Ac4lCiwmmvU0usyXI0yxxCAslUbX+Q== Date: Wed, 20 Mar 2013 01:28:06 +0000 Message-ID: <3pfl8u1ugprwkcs5xmtjth3l.1363742692541@email.android.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [::] Content-Type: text/plain; charset="utf-8" Content-ID: <493191EDBCC13545A1048D9E1A896040@nebula.com> MIME-Version: 1.0 X-OriginatorOrg: nebula.com Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by mail.home.local id r2K1SNm5029713 Content-Length: 497 Lines: 3 Mm. The question is whether we can reliably determine the ranges a device should be able to access without having to trust userspace (and, ideally, without having to worry about whether iommu vendors have done their job). It's pretty important for PCI passthrough, so we do need to care. -- Matthew Garrett | matthew.garrett@nebula.com????{.n?+???????+%?????ݶ??w??{.n?+????{??G?????{ay?ʇڙ?,j??f???h?????????z_??(?階?ݢj"???m??????G????????????&???~???iO???z??v?^?m???? ????????I?