Linux 5.10 Hardens Against Possible DMA Attacks By External PCIe Devices
Written by Michael Larabel in Hardware on 22 October 2020 at 12:00 AM EDT. 7 Comments
HARDWARE --
The PCI changes were submitted on Wednesday for the Linux 5.10 kernel.

The PCI subsystem updates for Linux 5.10 aren't too exciting this round but there are a few items worth noting. One change is the enabling of ACS translation blocking for external PCIe devices in protecting against possible DMA attacks.

Translation Blocking is enabled for untrusted/external PCIe devices to harden against direct memory access attacks. ACS (Access Control Services) Translation Blocking will block any request with the AT bit set as an effort to protect against improper routing of PCIe packets.

Also with the PCI changes for Linux 5.10 is the Broadcom STB PCI Express controller driver now supports the BCM7211, BCM7216, BCM7445, and BCM7278 SoCs.

There is also a change by a Tencent engineer to reduce the amount of possible block time within the pci_read_config() function by several milliseconds for the maximum possible latency.

The full list of PCI changes for Linux 5.10 via the pull request.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week