On Sat, 8 Oct 2016, neilhard...@gmail.com wrote:

> DMA allows network card to read/write RAM.
> 
> DMA attack allows one already-compromised VM to read the RAM of another 
> VM, thus breaching Qubes isolation... unless you use VT-D, although 
> flaws in VT-D have been shown.
> 
> Remote DMA attack allows packets sent to the network card directly over 
> the web, not even having to compromise your VM first... as demonstrated 
> in the paper by the French intel agency.
> 
> That is what I understand so far. Hence, why I am asking if using PIO 
> rather than DMA would prevent such attacks.

So if a driver won't use DMA, how would that prevent the device itself
from initiating DMA transactions? I'm somewhat doubtful that it
would be so simple, as I suspect the compromised device need not
care what the driver uses, be it PIO or DMA (but I'm not a PCI
expert so I could be wrong too).


-- 
 i.
