Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
From: Andi Kleen <ak@xxxxxxxxxxxxxxx>
Date: Thu, 30 Sep 2021 14:12:52 -0700
Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx>, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>, Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, x86@xxxxxxxxxx, Bjorn Helgaas <bhelgaas@xxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Andreas Noever <andreas.noever@xxxxxxxxx>, Michael Jamet <michael.jamet@xxxxxxxxx>, Yehezkel Bernat <YehezkelShB@xxxxxxxxx>, "Rafael J . Wysocki" <rafael@xxxxxxxxxx>, Mika Westerberg <mika.westerberg@xxxxxxxxxxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, Jason Wang <jasowang@xxxxxxxxxx>, Dan Williams <dan.j.williams@xxxxxxxxx>, Kuppuswamy Sathyanarayanan <knsathya@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, linux-pci@xxxxxxxxxxxxxxx, linux-usb@xxxxxxxxxxxxxxx, virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx, "Reshetova, Elena" <elena.reshetova@xxxxxxxxx>
In-reply-to: <20210930204447.GA482974@rowland.harvard.edu>
References: <20210930010511.3387967-1-sathyanarayanan.kuppuswamy@linux.intel.com> <20210930010511.3387967-3-sathyanarayanan.kuppuswamy@linux.intel.com> <20210930065807-mutt-send-email-mst@kernel.org> <YVXBNJ431YIWwZdQ@kroah.com> <20210930144305.GA464826@rowland.harvard.edu> <20210930104924-mutt-send-email-mst@kernel.org> <20210930153509.GF464826@rowland.harvard.edu> <20210930115243-mutt-send-email-mst@kernel.org> <00156941-300d-a34a-772b-17f0a9aad885@linux.intel.com> <20210930204447.GA482974@rowland.harvard.edu>
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0

If all you want to do is prevent someone from loading a bunch of
drivers that you have identified as unhardened, why not just use a
modprobe blacklist?


That wouldn't help for builtin drivers, we cannot control initcalls.

This LWN article has more details on the background.

https://lwn.net/Articles/865918/

-Andi

Am I missing something?

Alan Stern

References:
- [PATCH v2 0/6] Add device filter support
  - From: Kuppuswamy Sathyanarayanan
- [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Kuppuswamy Sathyanarayanan
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Michael S. Tsirkin
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Greg Kroah-Hartman
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Alan Stern
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Michael S. Tsirkin
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Alan Stern
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Michael S. Tsirkin
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Andi Kleen
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Alan Stern

Prev by Date: Re: [PATCH v2 2/2] mwifiex: Try waking the firmware until we get an interrupt
Next by Date: Re: [PATCH v2 2/2] mwifiex: Try waking the firmware until we get an interrupt
Previous by thread: Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
Next by thread: [PATCH v2 6/6] PCI: Initialize authorized attribute for confidential guest
Index(es):
- Date
- Thread

[Index of Archives] [DMA Engine] [Linux Coverity] [Linux USB] [Video for Linux] [Linux Audio Users] [Yosemite News] [Linux Kernel] [Linux SCSI] [Greybus]