On Thu, Jul 14, 2016 at 07:22:28PM -0700, neilhard...@gmail.com wrote:
> From the user FAQ:
>
> https://www.qubes-os.org/doc/user-faq/#can-i-install-qubes-on-a-system-without-vt-d
>
> "an attacker could always use a simple DMA attack to go from the NetVM to
> Dom0"
>
> So what does this mean though..?
>
> Can they launch this DMA attack from a compromised App VM..?
>
> Could they simply do a browser exploit in an App VM, and then do a DMA attack
> from there to go to dom0..?
>
> Or is it a lot harder than that..?
>
> I'm just trying to work out whether it's really worth buying a new laptop
> just to get VT-D.... I currently have VT-X, but not VT-D.

DMA is a mechanism for PCI devices to access system memory (read/write).
Without VT-d any PCI device can access all the memory, regardless of which
VM it is assigned to (or left in dom0). Most PCI devices allow the driver to
request an arbitrary DMA operation (like "put received network packets at
this address in memory", or "get this memory area and send it to the
network"). So, without VT-d, it gives unlimited access to the whole system.
Now, it is only a matter of knowing where to read/write to take over the
system, instead of just crashing. But since you can read the whole memory,
it isn't that hard.

Now, how does it apply to Qubes OS? The above attack requires access to a
PCI device, which means it can be performed only from NetVM / UsbVM, so
someone must first break into one of those VMs. But it isn't that hard,
because there is a lot of complex code handling network traffic. Recent bugs
include DHCP client, DNS client etc. Most attacks on NetVM / UsbVM (but not
all!) require being somehow close to the target system - for example
connected to the same WiFi network, or in the case of UsbVM, having physical
access to some USB port.

But, just exploiting a browser in an AppVM isn't enough, as normal AppVMs do
not have any PCI device assigned (unless you do that manually).

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
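The reply above turns on whether VT-d is actually in use, so here is an added example (not part of the original thread) of checking that from dom0 output. It assumes `xl info` lists `hvm_directio` in `virt_caps` when Xen can use the IOMMU and that the Xen boot log carries an "I/O virtualisation enabled/disabled" line; the function names are hypothetical and the sample inputs are constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Inputs are the text printed by
# `xl info` and `xl dmesg` in dom0; the samples below are constructed.

# Reads `xl info` on stdin: hvm_directio in virt_caps means Xen can use
# the IOMMU (VT-d) to confine DMA from passed-through PCI devices.
iommu_from_xl_info() {
    line=$(grep '^virt_caps[[:space:]]*:') || { echo unknown; return 0; }
    case " ${line#*:} " in
        *" hvm_directio "*) echo active ;;
        *)                  echo inactive ;;
    esac
}

# Reads the Xen boot log on stdin; it may have rotated out ("unknown").
iommu_from_xen_log() {
    log=$(cat)
    case "$log" in
        *"I/O virtualisation enabled"*)  echo active ;;
        *"I/O virtualisation disabled"*) echo inactive ;;
        *)                               echo unknown ;;
    esac
}

# $1 = `xl info` text, $2 = `xl dmesg` text. Any "inactive" wins: without
# the IOMMU, a VM holding a PCI device (NetVM/UsbVM) can DMA anywhere.
dma_confinement() {
    a=$(printf '%s\n' "$1" | iommu_from_xl_info)
    b=$(printf '%s\n' "$2" | iommu_from_xen_log)
    case "$a/$b" in
        *inactive*)        echo off ;;
        active/*|*/active) echo on ;;
        *)                 echo unknown ;;
    esac
}

# Constructed samples (hypothetical hosts).
INFO_VTD='host                   : dom0
virt_caps              : hvm hvm_directio'
INFO_NO_VTD='host                   : dom0
virt_caps              : hvm'
LOG_VTD='(XEN) I/O virtualisation enabled'
LOG_NO_VTD='(XEN) I/O virtualisation disabled'

echo "with VT-d:    $(dma_confinement "$INFO_VTD" "$LOG_VTD")"
echo "without VT-d: $(dma_confinement "$INFO_NO_VTD" "$LOG_NO_VTD")"
# In dom0: dma_confinement "$(xl info)" "$(xl dmesg)"
```

A result of `off` means the NetVM and UsbVM are not confined by the hardware, which is the situation the reply describes.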