On Fri, Apr 12, 2019 at 12:34:31PM -0400, Dennis Dalessandro wrote: > On 4/12/2019 11:38 AM, Leon Romanovsky wrote: > > On Thu, Apr 11, 2019 at 07:07:42AM -0700, Dennis Dalessandro wrote: > > > From: Josh Collier <josh.d.collier@xxxxxxxxx> > > > > > > Some kernels now enable CONFIG_IO_STRICT_DEVMEM > > > which prevents multiple handles to PCI resource0. In order > > > to continue to support expansion ROM updates while the > > > driver is loaded, the driver must now provide an interface > > > to control the expansion ROM write protection. > > > > From this description, it seems like that CONFIG_IO_STRICT_DEVMEM was > > added to prevent this type of access, doesn't it? > > Due to the config option using the resource file is no longer an option for > manipulating the EPROM. There are some accesses that we want to be able to > make through the PCI config space which is not affected by the above config > option. However access to that is protected by the HW. So this patch > provides a safe interface to toggle that protection while still preventing > userspace from free range access to memory regions claimed by the driver. Thanks for the explanation, There is one knowledge gap which will be very good to understand. Someone implemented security option, users decided that it is right thing and enabled it. Why do you think that it is ok to "disable" such security check in driver code? Thanks > > -Denny
Attachment:
signature.asc
Description: PGP signature
