> From: Arnd Bergmann <arnd@xxxxxxxxxx> > Date: Fri, 26 Mar 2021 21:03:32 +0100 > > On Fri, Mar 26, 2021 at 6:28 PM Mark Kettenis <mark.kettenis@xxxxxxxxx> wrote: > > > I haven't figured out how the bypass stuff really works. Corellium > > added support for it in their codebase when they added support for > > Thunderbolt, and some of the DARTs that seem to be related to > > Thunderbolt do indeed have a "bypass" property. But it is unclear to > > me how the different puzzle pieces fit together for Thunderbolt. > > As a general observation, bypass mode for Thunderbolt is what enabled > the http://thunderclap.io/ attack. This is extremely useful for debugging > a running kernel from another machine, but it's also something that > should never be done in a production kernel. No kidding! I was surprised to see the bypass support on the Thunderbolt-related nodes.
