This bug is missing log files that will aid in diagnosing the problem.
While running an Ubuntu kernel (not a mainline or third-party kernel)
please enter the following command in a terminal window:
apport-collect 1820153
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.
** Changed in: linux (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1820153
Title:
[SRU][B/C/OEM]IOMMU: add kernel dma protection
Status in HWE Next:
New
Status in linux package in Ubuntu:
Incomplete
Bug description:
SRU justification:
[Impact]
OS can use IOMMU to defend against DMA attacks from a PCI device like
thunderbolt one.
Intel adds DMA_CTRL_PLATFORM_OPT_IN_FLAG flag in DMAR ACPI table.
Use this flag to enable IOMMU and use _DSD to identify untrusted PCI devices.
[Fix]
Enable IOMMU when BIOS supports DMA opt in flag and ExternalFacingPort in
_DSD.
Disable ATS on the untrusted PCI device.
[Test]
Tested on 2 Intel platforms that supports DMA opt in flag with a thunderbolt
dock station.
iommu enabled as expected with this fix.
[Regression Potential]
Upstream fix, Verified on supported platforms, no affection on not supported
platforms.
Backported changes are fairly minimal.
These patches are included in 5.0 kernel, disco is good.
To manage notifications about this bug go to:
https://bugs.launchpad.net/hwe-next/+bug/1820153/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
