[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-pci
Subject: Re: [RFC] Restrict the untrusted devices, to bind to only a set of "whitelisted" drivers
From: Pavel Machek <pavel () denx ! de>
Date: 2020-06-30 21:46:09
Message-ID: 20200630214609.GB7113 () duo ! ucw ! cz
[Download RAW message or body]
Hi!
> > > I think that's inherently platform specific to some extent. We can do
> > > it with our coreboot based firmware, but there's no guarantee other
> > > vendors will adopt the same approach. But I think at least for the
> > > ChromeOS ecosystem we can come up with something that'll work, and
> > > allow us to dtrt in userspace wrt driver binding.
> >
> > Agree, we can work with our firmware teams to get that right, and then
> > expose it from kernel to userspace to help it implement the policy we
> > want.
>
> This is already in the spec for USB, I suggest working to get this added
> to the other bus type specs that you care about as well (UEFI, PCI,
> etc.)
Note that "you can only use authorized SSD and authorized WIFI card in
this notebook" was done before, but is considered antisocial.
Best regards,
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic