On Mon, Nov 21, 2016 at 7:53 AM Timothy Pearson < [email protected]> wrote:
> > > A quick check through the source seems to indicate that the generic > pci_set_resource function will enable bus mastering on any PCI bridges. > From that point on, if I'm not mistaken, any malicious device that > exposed a bridge interface could enable mastering for any logical > devices behind the bridge and attack the host. Am I missing something? > > probably not. Back in the early days this kind of thing was not an issue. We've always had to adjust for limits in the kernels we support. We have a PCI subsystem mainly because, in 2000, linux could not handle an unconfigured PCI bus -- it interpreted a "0 bar" as meaning "device disabled by BIOS" -- really! I suspect the BME enable on bridges was done because Linux or other guests didn't know how to configure bridges correctly. But Linux and other kernels are a lot better now than they were; I wonder if we should stop enabling BME on bridges. In any event, however, if we make this change it should be done in small steps, and I think a good first small step is to start with things that *look* obvious, like the aforementioned NIC. I am going to submit a CL today to remove BME from that and see how much upset it causes :-) ron
-- coreboot mailing list: [email protected] https://www.coreboot.org/mailman/listinfo/coreboot
