-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 11/20/2016 05:56 PM, ron minnich wrote:
man. Most of these BME things revolve around intel. Not surprising, but not good.
Does anyone care about the realtek 8168? And why on earth does it need BME? Can it just be initialized but not have DMA enabled?
I wonder if we should scan for anything with BME set, at each stage transition, and print a warning for each one found?
A quick check through the source seems to indicate that the generic pci_set_resource function will enable bus mastering on any PCI bridges. From that point on, if I'm not mistaken, any malicious device that exposed a bridge interface could enable mastering for any logical devices behind the bridge and attack the host. Am I missing something?
Thanks!
- -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com