feat: disable PCI busmastering on bridges during boot #899
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sorry, that's on me from 65006ed (must not forgot to run |
Enables CONFIG_EFI_DISABLE_PCI_DMA to improve boot security to protect from malicious PCI hardware. Not sure where CONFIG_TOOLS_SUPPORT_RELR comes from, this was added after make kernel-olddefconfig Signed-off-by: Nico Berlee <nico.berlee@on2it.net> Signed-off-by: Noel Georgi <git@frezbo.dev>
frezbo
approved these changes
Feb 19, 2024
|
/m |
smira
added a commit
to smira/talos
that referenced
this pull request
Feb 20, 2024
Pulls in following PRs: * siderolabs/pkgs#893 * siderolabs/pkgs#896 * siderolabs/pkgs#889 * siderolabs/pkgs#899 * siderolabs/pkgs#902 Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
smira
added a commit
to smira/talos
that referenced
this pull request
Feb 20, 2024
Pulls in following PRs: * siderolabs/pkgs#893 * siderolabs/pkgs#896 * siderolabs/pkgs#889 * siderolabs/pkgs#899 * siderolabs/pkgs#902 Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
smira
added a commit
to smira/talos
that referenced
this pull request
Feb 21, 2024
Pulls in following PRs: * siderolabs/pkgs#893 * siderolabs/pkgs#896 * siderolabs/pkgs#889 * siderolabs/pkgs#899 * siderolabs/pkgs#902 Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com> (cherry picked from commit 9b62919)
smira
added a commit
to smira/talos
that referenced
this pull request
Feb 21, 2024
Pulls in following PRs: * siderolabs/pkgs#893 * siderolabs/pkgs#896 * siderolabs/pkgs#889 * siderolabs/pkgs#899 * siderolabs/pkgs#902 Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com> (cherry picked from commit 9b62919)
dsseng
pushed a commit
to dsseng/talos
that referenced
this pull request
Mar 7, 2024
Pulls in following PRs: * siderolabs/pkgs#893 * siderolabs/pkgs#896 * siderolabs/pkgs#889 * siderolabs/pkgs#899 * siderolabs/pkgs#902 Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
smira
added a commit
to smira/pkgs
that referenced
this pull request
May 16, 2024
This effectively reverts siderolabs#899 completely. Fixes siderolabs/talos#8743 Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
smira
added a commit
to smira/pkgs
that referenced
this pull request
May 16, 2024
This effectively reverts siderolabs#899 completely. Fixes siderolabs/talos#8743 Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com> (cherry picked from commit f414bbd)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Enables
CONFIG_EFI_DISABLE_PCI_DMAto improve boot security to protect from malicious PCI hardware.Fixes #898
Not sure where CONFIG_TOOLS_SUPPORT_RELR comes from, this was added after make kernel-olddefconfig