October 9th, 2005


securing PCIE on Radeon

Because PCI Express requires putting the PCIGART translation table in the framebuffer, and dri clients map the framebuffer read/write, this is a security hole as a DRI client can map the framebuffer, change the GART table and get the card to do evil things with memory translations.

So in order for PCIE support to ship in X.org 6.9/7.0 driver, it needed to be secured.

I've done a patch which reserves off the last 32k of the framebuffer and only sets the client map to map everything before that, this appears to work fine, its all in bug