On 10/08/2016 07:05 PM, Ilpo Järvinen wrote:
> On Sat, 8 Oct 2016, neilhard...@gmail.com wrote:
>
>> DMA allows network card to read/write RAM.
>>
>> DMA attack allows one already-compromised VM to read the RAM of another
>> VM, thus breaching Qubes isolation... unless you use VT-D, although
>> flaws in VT-D have been shown.
>>
>> Remote DMA attack allows packets sent to the network card directly over
>> the web, not even having to compromise your VM first... as demonstrated
>> in the paper by the French intel agency.
>>
>> That is what I understand so far. Hence, why I am asking if using PIO
>> rather than DMA would prevent such attacks.
> So if a driver won't use DMA, how would that prevent the device itself
> from initiating DMA transactions? I'm somewhat doubtful that it
> would be so simple, as I suspect the compromised device need not
> care what the driver uses, be it PIO or DMA (but I'm not a PCI
> expert so I could be wrong too).

Bingo.

-- 
Rudd-O
http://rudd-o.com/
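
The thread's conclusion is that the ability to initiate DMA belongs to the device and the bus, not to the driver's choice of PIO, so the useful check is which devices have bus mastering enabled and whether an IOMMU sits in front of them. The following is an added example, not part of the original messages: it assumes a plain Linux host (not a Xen dom0, where the hypervisor owns the IOMMU) and the standard sysfs layout; `audit_dma`, `no_iommu_group` and the constructed device tree are illustrative names and data.

```python
import os
import struct

PCI_COMMAND_OFFSET = 0x04      # 16-bit Command register in the PCI config header
PCI_COMMAND_BUS_MASTER = 0x4   # bit 2: Bus Master Enable

def bus_master_enabled(config: bytes) -> bool:
    """True if the Command register permits the device to initiate DMA."""
    if len(config) < PCI_COMMAND_OFFSET + 2:
        raise ValueError("config space shorter than the standard header")
    (command,) = struct.unpack_from("<H", config, PCI_COMMAND_OFFSET)
    return bool(command & PCI_COMMAND_BUS_MASTER)

def audit_dma(sysfs_root: str = "/sys/bus/pci/devices"):
    """Return [(address, bus_master, in_iommu_group)] for each PCI function."""
    rows = []
    for addr in sorted(os.listdir(sysfs_root)):
        dev = os.path.join(sysfs_root, addr)
        with open(os.path.join(dev, "config"), "rb") as fh:
            master = bus_master_enabled(fh.read(64))
        # iommu_group is present only when the kernel placed the device in an IOMMU group
        grouped = os.path.lexists(os.path.join(dev, "iommu_group"))
        rows.append((addr, master, grouped))
    return rows

def no_iommu_group(rows):
    """Devices that may issue DMA with no IOMMU group in front of them."""
    return [addr for addr, master, grouped in rows if master and not grouped]

def make_constructed_tree(root):
    """Write a constructed sysfs-like tree (sample data, not from a real host)."""
    samples = {"0000:00:19.0": (0x0006, False),   # bus master on, no group
               "0000:02:00.0": (0x0006, True),    # bus master on, grouped
               "0000:03:00.0": (0x0003, False)}   # bus master off
    for addr, (command, grouped) in samples.items():
        dev = os.path.join(root, addr)
        os.makedirs(dev)
        with open(os.path.join(dev, "config"), "wb") as fh:
            # constructed vendor/device IDs followed by the Command register
            fh.write(struct.pack("<HHH", 0x1234, 0x5678, command) + bytes(58))
        if grouped:
            os.mkdir(os.path.join(dev, "iommu_group"))

if __name__ == "__main__":
    for addr in no_iommu_group(audit_dma()):
        print(f"{addr}: bus mastering enabled, no IOMMU group")
```

Nothing in the output depends on whether the bound driver uses PIO or DMA, which is the point made in the reply above.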