On Sun, Feb 21, 2016 at 09:25:52PM -0500, Thor Lancelot Simon wrote:
> On Fri, Feb 19, 2016 at 04:33:40PM -0600, David Young wrote:
> >
> > BTW, I think a reasonable precaution to take with a lot of devices,
> > their firmware and drivers, open- or closed-source (but especially
> > closed source), is to put them under supervision of, say, an IOMMU.
>
> It's reasonable, for sure, but it's not enough. There are BSD derived
> operating systems out there which do this to complicate life for
> malicious hot-plug PCIe devices. Unfortunately, it doesn't really work,
> since you can always find some sensitive region that does have DMA enabled
> (if you get in early enough, the pages used for the disk transfers that
> bring in kernel modules, for example -- or libc) and scribble on it.

Not sure I follow. You are talking about a malicious device that
performs bus-mastering accesses before the OS has initialized the IOMMU?

Dave

--
David Young
dyo...@pobox.com    Urbana, IL    (217) 721-9981