From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from terminus.zytor.com ([2001:1868:205::10] helo=mail.zytor.com) by merlin.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1UI7Z8-0004o0-Nu for kexec@lists.infradead.org; Wed, 20 Mar 2013 01:11:43 +0000 Message-ID: <51490CC8.80903@zytor.com> Date: Tue, 19 Mar 2013 18:11:36 -0700 From: "H. Peter Anvin" MIME-Version: 1.0 Subject: Re: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL References: In-Reply-To: List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "kexec" Errors-To: kexec-bounces+dwmw2=infradead.org@lists.infradead.org To: Matthew Garrett Cc: "linux-pci@vger.kernel.org" , "linux-security-module@vger.kernel.org" , "linux-efi@vger.kernel.org" , "kexec@lists.infradead.org" , "linux-kernel@vger.kernel.org" On 03/19/2013 06:07 PM, Matthew Garrett wrote: > Yeah, I'd like the option of relaxing restrictions when drivers explicitly opt in based on iommu support. When drivers opt in they can provide an interface. The interesting case becomes non-drivers. -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf. _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec From mboxrd@z Thu Jan 1 00:00:00 1970 From: "H. Peter Anvin" Subject: Re: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL Date: Tue, 19 Mar 2013 18:11:36 -0700 Message-ID: <51490CC8.80903@zytor.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: Sender: linux-efi-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org To: Matthew Garrett Cc: "linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org" , "linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org" , "linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org" , "kexec-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r@public.gmane.org" , "linux-pci-u79uwXL29TY76Z2rM5mHXA@public.gmane.org" List-Id: linux-efi@vger.kernel.org On 03/19/2013 06:07 PM, Matthew Garrett wrote: > Yeah, I'd like the option of relaxing restrictions when drivers explicitly opt in based on iommu support. When drivers opt in they can provide an interface. The interesting case becomes non-drivers. -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from terminus.zytor.com ([198.137.202.10]:42326 "EHLO mail.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754286Ab3CTBLo (ORCPT ); Tue, 19 Mar 2013 21:11:44 -0400 Message-ID: <51490CC8.80903@zytor.com> Date: Tue, 19 Mar 2013 18:11:36 -0700 From: "H. Peter Anvin" MIME-Version: 1.0 To: Matthew Garrett CC: "linux-kernel@vger.kernel.org" , "linux-security-module@vger.kernel.org" , "linux-efi@vger.kernel.org" , "kexec@lists.infradead.org" , "linux-pci@vger.kernel.org" Subject: Re: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL References: In-Reply-To: Content-Type: text/plain; charset=UTF-8 Sender: linux-pci-owner@vger.kernel.org List-ID: On 03/19/2013 06:07 PM, Matthew Garrett wrote: > Yeah, I'd like the option of relaxing restrictions when drivers explicitly opt in based on iommu support. When drivers opt in they can provide an interface. The interesting case becomes non-drivers. -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf.