On 25/09/2018 10:07, Ilias Apalodimas wrote:
> Hello,
>
> Can we add a discussion in upcoming meetings about the participation
> of SMMU in the booting procedure?

If I were you I'd roll up to one of the Thursday meetings. There's usually time for a bit of any other business.


> In the past there's been a number of proposals on how to mitigate
> attacks, where a rogue PCI card is inserted into the system.
> Some of them include shutting down external DMA ports until the OS
> explicitly powers them up or blocking DMA using BME bit etc.
>
> Keeping in mind this will enhance the security of devices, would it
> make sense to include it as a 'MUST' if the hardware is present or a
> recommendation would be enough?

I'm not totally convinced this is in scope for EBBR (don't take this as a firm "no").

Basically EBBR primarily focuses on the handover from system firmware to OS[1].

For full defense this is essentially a requirement about the state of the system when we hand over from BL<something> to BL33 isn't it? It might therefore be regarded as an implementation quality issue.


Daniel.


[1] It is true we have contemplated (but haven't yet acted
    on) also imposing requirements on boot ROMs but this is
    only really to try and squash (mis)features that impose a
    requirement to pre-partition the media the OS will install onto.
_______________________________________________
boot-architecture mailing list
boot-architecture@lists.linaro.org
https://lists.linaro.org/mailman/listinfo/boot-architecture