On Wed, Nov 23, 2016 at 12:58:26PM +0000, David Howells wrote: > Dominik Brodowski <linux@xxxxxxxxxxxxxxxxxxxx> wrote: > > > You might also need to disable CIS overrides and CIS firmware loading for > > PCMCIA drivers, I presume. That needs two changes: > > > > - Abort in drivers/pcmcia/ds.c::pcmcia_load_firmware() or disable > > the CONFIG_PCMCIA_LOAD_CIS config option permanently. > > This really ought to be handled through signature checking in > request_firmware(). > > > - Abort in drivers/pcmcia/cistpl.c::pccard_store_cis() or remove > > write access to the "cis" file in > > drivers/pcmcia/cistpl.c::pccard_cis_attr > > What is that doing? Allowing the device to be reconfigured? Exactly. It is a different interface for updating the firmware -- which includes ioports etc. In theory, any access should be limited to areas which are registered to the bridge devices. But you never know... Best Dominik -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html