> I've been involved (a tiny bit) in the EFI stub cleanups which have > landed for 5.6, a such I've been building my own test kernels with > CONFIG_EFI_DISABLE_PCI_DMA=y up to know that is. > > Recently I got a Lenovo X1 + Thunderbolt 3 dock for testing and > booting my own test kernel build on it failed, disabling > CONFIG_EFI_DISABLE_PCI_DMA fixes this. > > Note currently we have: > > [hans@x1 master]$ cat configs/fedora/generic/CONFIG_EFI_DISABLE_PCI_DMA > # CONFIG_EFI_DISABLE_PCI_DMA is not set > > So the Fedora 5.6 kernels should work and this is not a bug report, > this is mostly a heads up and trying to turn my knowledge that for > now turning this on is not a good idea form private knowledge into > collective knowledge. > > I will also report this upstream, so that maybe this issue can be > fixed. The Kconfig text on this is pretty decent: https://cateee.net/lkddb/web-lkddb/EFI_DISABLE_PCI_DMA.html It also looks like it might be hard to enable by default on a generic kernel, but from a security PoV it would certainly be something that would be useful to be able to enable. _______________________________________________ kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/kernel@xxxxxxxxxxxxxxxxxxxxxxx
