[$] A firewall for device drivers

Device drivers, along with the hardware they control, have long beenconsidered to be a trusted part of the system. This faith has been underassault for some time, though, and it fails entirely in some situations,including virtual machines that do not trust the host system they arerunning under. The recently covered virtio-hardening work is one response to thissituation, but that only addresses a small portion of the drivers builtinto a typical kernel. What is to be done about the rest? The driver-filterpatch from Kuppuswamy Sathyanarayanan demonstrates one possibleapproach: disable them altogether.