On 10/08/2016 07:05 PM, Ilpo Järvinen wrote:
> On Sat, 8 Oct 2016, neilhard...@gmail.com wrote:
>
>> DMA allows network card to read/write RAM.
>>
>> DMA attack allows one already-compromised VM to read the RAM of another 
>> VM, thus breaching Qubes isolation... unless you use VT-D, although 
>> flaws in VT-D have been shown.
>>
>> Remote DMA attack allows packets sent to the network card directly over 
>> the web, not even having to compromise your VM first... as demonstrated 
>> in the paper by the French intel agency.
>>
>> That is what I understand so far. Hence, why I am asking if using PIO 
>> rather than DMA would prevent such attacks.
> So if a driver won't use DMA, how would that prevent the device itself
> from initiating DMA transactions? I'm somewhat doubtful that it
> would be so simple, as I suspect the compromised device need not
> care what the driver uses, be it PIO or DMA (but I'm not a PCI
> expert so I could be wrong too).

Bingo.


-- 
    Rudd-O
    http://rudd-o.com/
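
The point made in the thread, as an added example (not from the original posters or the Qubes project): a small audit that reads each PCI function's command register and checks whether the function sits in an IOMMU group. It assumes the Linux sysfs layout on a host whose kernel itself manages the IOMMU; the function names and report format are hypothetical.

```python
import os
import struct

BUS_MASTER_ENABLE = 0x0004  # bit 2 of the PCI command register


def audit_pci_dma(sysfs_root="/sys/bus/pci/devices"):
    """Return one dict per PCI function: bus-master bit and IOMMU group."""
    report = []
    for bdf in sorted(os.listdir(sysfs_root)):
        dev = os.path.join(sysfs_root, bdf)
        try:
            with open(os.path.join(dev, "config"), "rb") as fh:
                header = fh.read(6)
        except OSError:
            continue  # unreadable or vanished device, skip it
        if len(header) < 6:
            continue
        # Command register: 16-bit little-endian value at offset 0x04.
        (command,) = struct.unpack_from("<H", header, 4)
        link = os.path.join(dev, "iommu_group")
        group = None
        if os.path.exists(link):
            # The symlink target's last path component is the group number.
            group = os.path.basename(os.path.realpath(link))
        report.append({
            "bdf": bdf,
            "bus_master": bool(command & BUS_MASTER_ENABLE),
            "iommu_group": group,
        })
    return report


def unrestricted(report):
    """Functions with no IOMMU group, whatever their bus-master bit says.

    The bit is reported for information only: it is stored in the
    device's own configuration space, so this audit treats the IOMMU
    group as the host-side restriction on where device DMA can land.
    """
    return [d["bdf"] for d in report if d["iommu_group"] is None]


if __name__ == "__main__":
    results = audit_pci_dma()
    for d in results:
        print(d["bdf"], "bus_master=%s" % d["bus_master"],
              "iommu_group=%s" % d["iommu_group"])
    print("no IOMMU group:", unrestricted(results))
```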
