Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
From: "Michael S. Tsirkin" <mst@xxxxxxxxxx>
Date: Thu, 30 Sep 2021 10:58:07 -0400
Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>, Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, x86@xxxxxxxxxx, Bjorn Helgaas <bhelgaas@xxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Andreas Noever <andreas.noever@xxxxxxxxx>, Michael Jamet <michael.jamet@xxxxxxxxx>, Yehezkel Bernat <YehezkelShB@xxxxxxxxx>, "Rafael J . Wysocki" <rafael@xxxxxxxxxx>, Mika Westerberg <mika.westerberg@xxxxxxxxxxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, Jason Wang <jasowang@xxxxxxxxxx>, Dan Williams <dan.j.williams@xxxxxxxxx>, Andi Kleen <ak@xxxxxxxxxxxxxxx>, Kuppuswamy Sathyanarayanan <knsathya@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, linux-pci@xxxxxxxxxxxxxxx, linux-usb@xxxxxxxxxxxxxxx, virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
In-reply-to: <20210930144305.GA464826@rowland.harvard.edu>
References: <20210930010511.3387967-1-sathyanarayanan.kuppuswamy@linux.intel.com> <20210930010511.3387967-3-sathyanarayanan.kuppuswamy@linux.intel.com> <20210930065807-mutt-send-email-mst@kernel.org> <YVXBNJ431YIWwZdQ@kroah.com> <20210930144305.GA464826@rowland.harvard.edu>

On Thu, Sep 30, 2021 at 10:43:05AM -0400, Alan Stern wrote:
> I don't see any point in talking about "untrusted drivers".  If a 
> driver isn't trusted then it doesn't belong in your kernel.  Period.  
> When you load a driver into your kernel, you are implicitly trusting 
> it (aside from limitations imposed by security modules).

Trusting it to do what? Historically a ton of drivers did not
validate input from devices they drive. Most still don't.

> The code 
> it contains, the module_init code in particular, runs with full 
> superuser permissions.

-- 
MST

Follow-Ups:
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Alan Stern

References:
- [PATCH v2 0/6] Add device filter support
  - From: Kuppuswamy Sathyanarayanan
- [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Kuppuswamy Sathyanarayanan
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Michael S. Tsirkin
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Greg Kroah-Hartman
- Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
  - From: Alan Stern

Prev by Date: Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
Next by Date: Re: [PATCH v2 1/6] driver core: Move the "authorized" attribute from USB/Thunderbolt to core
Previous by thread: Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
Next by thread: Re: [PATCH v2 2/6] driver core: Add common support to skip probe for un-authorized devices
Index(es):
- Date
- Thread

[Index of Archives] [Linux Media] [Linux Input] [Linux Audio Users] [Yosemite News] [Linux Kernel] [Linux SCSI] [Old Linux USB Devel Archive]