linux-sg2042/include
Mika Westerberg 617654aae5 PCI / ACPI: Identify untrusted PCI devices
A malicious PCI device may use DMA to attack the system. An external
Thunderbolt port is a convenient point to attach such a device. The OS
may use IOMMU to defend against DMA attacks.

Some BIOSes mark these externally facing root ports with this
ACPI _DSD [1]:

  Name (_DSD, Package () {
      ToUUID ("efcc06cc-73ac-4bc3-bff0-76143807c389"),
      Package () {
          Package () {"ExternalFacingPort", 1},
          Package () {"UID", 0 }
      }
  })

If we find such a root port, mark it and all its children as untrusted.
The rest of the OS may use this information to enable DMA protection
against malicious devices. For instance the device may be put behind an
IOMMU to keep it from accessing memory outside of what the driver has
allocated for it.

While at it, add a comment on top of prp_guids array explaining the
possible caveat resulting when these GUIDs are treated as equivalent.

[1] https://docs.microsoft.com/en-us/windows-hardware/drivers/pci/dsd-for-pcie-root-ports#identifying-externally-exposed-pcie-root-ports

Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Acked-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Acked-by: Bjorn Helgaas <bhelgaas@google.com>
2018-12-05 12:01:55 +03:00
acpi pci-v4.20-changes 2018-10-25 06:50:48 -07:00
asm-generic s390 updates for 4.20-rc2 2018-11-09 06:30:44 -06:00
clocksource
crypto KEYS: asym_tpm: extract key size & public key [ver #2] 2018-10-26 09:30:46 +01:00
drm drm, i915, amdgpu, bridge + core quirk 2018-11-02 10:58:20 -07:00
dt-bindings This time it looks like a quieter release cycle in the clk tree. I guess that's 2018-10-31 11:08:30 -07:00
keys KEYS: Move trusted.h to include/keys [ver #2] 2018-10-26 09:30:47 +01:00
kvm
linux PCI / ACPI: Identify untrusted PCI devices 2018-12-05 12:01:55 +03:00
math-emu
media media: Rename vb2_m2m_request_queue -> v4l2_m2m_request_queue 2018-11-06 05:24:22 -05:00
memory
misc
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2018-11-28 11:02:45 -08:00
pcmcia
ras
rdma First merge window pull request 2018-10-26 07:38:19 -07:00
scsi
soc ARM: SoC driver updates for 4.17 2018-10-29 15:16:01 -07:00
sound ASoC: Fixes for v4.20 2018-11-27 16:06:42 +01:00
target scsi: target/core: Remove the SCF_COMPARE_AND_WRITE_POST flag 2018-10-16 01:13:35 -04:00
trace While rewriting the function graph tracer, I discovered a design flaw that 2018-11-30 09:32:34 -08:00
uapi x86/speculation: Add prctl() control for indirect branch speculation 2018-11-28 11:57:13 +01:00
video udlfb: handle unplug properly 2018-10-08 12:57:34 +02:00
xen Revert "xen/balloon: Mark unallocated host memory as UNUSABLE" 2018-11-29 17:53:31 +01:00