PCI: Lock down BAR access when securelevel is enabled
Orabug:
21539498
Any hardware that can potentially generate DMA has to be locked down from
userspace in order to avoid it being possible for an attacker to modify
kernel code. This should be prevented if securelevel has been set. Default
to paranoid - in future we can potentially relax this for sufficiently
IOMMU-isolated devices.
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
Signed-off-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>
projects / users / jedix / linux-maple.git / commit