lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 24 Jun 2009 17:05:36 +0200
From:	Pavel Machek <pavel@....cz>
To:	Joseph Cihula <joseph.cihula@...el.com>
Cc:	linux-kernel@...r.kernel.org, mingo@...e.hu, arjan@...ux.intel.com,
	hpa@...or.com, andi@...stfloor.org, chrisw@...s-sol.org,
	jmorris@...ei.org, jbeulich@...ell.com, peterm@...hat.com,
	gang.wei@...el.com, shane.wang@...el.com
Subject: Re: [RFC v5][PATCH 4/4] intel_txt: force IOMMU on for Intel(R) TXT
	launch

On Mon 2009-06-22 17:41:41, Joseph Cihula wrote:
> The tboot module will DMA protect all of memory in order to ensure the that
> kernel will be able to initialize without compromise (from DMA).  Consequently,
> the kernel must enable Intel(R) Virtualization Technology for Directed I/O
> (VT-d or Intel IOMMU) in order to replace this broad protection with the
> appropriate page-granular protection.  Otherwise DMA devices will be unable
> to read or write from memory and the kernel will eventually panic.
> 
> Because runtime IOMMU support is configurable by command line options, this
> patch will force it to be enabled regardless of the options specified, and will
> log a message if it was required to force it on.
> 
> 
>  dmar.c        |    8 ++++++++
>  intel-iommu.c |   28 ++++++++++++++++++++++++++--
>  2 files changed, 34 insertions(+), 2 deletions(-)

This needs documentation. And you probably should panic the kernel if
user passes unworkable options, not override his choices.

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists