On Fri, Feb 21, 2025 at 12:09:40AM +0000, Joshua Peraza wrote: > From: Rajat Jain <rajatja@xxxxxxxxxx> > > The "DmaProperty" is supported and currently documented and used by > Microsoft [link 1 below], to flag internal PCIe root ports that need > DMA protection [link 2 below]. We have discussed with them and reached > a common understanding that they shall change their MSDN documentation > to say that the same property can be used to protect any PCI device, > and not just internal PCIe root ports (since there is no point > introducing yet another property for arbitrary PCI devices). This helps > with security from internal devices that offer an attack surface for > DMA attacks (e.g. internal network devices). > > Support DmaProperty to mark DMA from a PCI device as untrusted. > > Link: [1] https://docs.microsoft.com/en-us/windows-hardware/drivers/pci/dsd-for-pcie-root-ports#identifying-internal-pcie-ports-accessible-to-users-and-requiring-dma-protection > Link: [2] https://docs.microsoft.com/en-us/windows/security/information-protection/kernel-dma-protection-for-thunderbolt > Signed-off-by: Rajat Jain <rajatja@xxxxxxxxxx> > Reviewed-by: Mika Westerberg <mika.westerberg@xxxxxxxxxxxxxxx> > Acked-by: Rafael J. Wysocki <rafael.j.wysocki@xxxxxxxxx> > Signed-off-by: Joshua Peraza <jperaza@xxxxxxxxxx> > --- > drivers/acpi/property.c | 3 +++ > drivers/pci/pci-acpi.c | 22 ++++++++++++++++++++++ > 2 files changed, 25 insertions(+) Acked-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
