On Wed, Sep 4, 2019 at 9:12 AM Ian Abbott <abbotti@xxxxxxxxx> wrote:
>
> Hello,
>
> The "new_id" PCI driver sysfs attribute can be used to make an arbitrary
> PCI driver match an arbitrary PCI vendor/device ID. That could easily
> crash the kernel or at least make it do weird things if used
> inappropriately. Is this scenario in scope for the "lockdown" security
> module?

Crashing the kernel isn't really a concern - the issue is more whether
it's possible to get a driver to perform a sufficient number of writes
to a device that it can in turn cause the device to overwrite the
kernel in a controlled manner. This seems theoretically possible, but
I think I'm inclined to leave it as is unless someone demonstrates
that it's more than theoretical.