| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1324309598.2132.12.camel@shinybook.infradead.org>
Date: Mon, 19 Dec 2011 15:46:38 +0000
From: David Woodhouse <dwmw2@...radead.org>
To: David Gibson <david@...son.dropbear.id.au>
Cc: Joerg Roedel <joerg.roedel@....com>,
Alex Williamson <alex.williamson@...hat.com>, aik@...abs.ru,
benh@...nel.crashing.org, chrisw@...hat.com, agraf@...e.de,
scottwood@...escale.com, B08248@...escale.com,
rusty@...tcorp.com.au, iommu@...ts.linux-foundation.org,
qemu-devel@...gnu.org, linux-kernel@...r.kernel.org,
joro@...tes.org
Subject: Re: [RFC] Device isolation infrastructure v2
On Mon, 2011-12-19 at 11:11 +1100, David Gibson wrote:
> They have no inbuilt concept
> of domains (though we could fake in software in some circumstances).
That sentence doesn't make much sense to me.
Either you're saying that every device behind a given IOMMU is in *one*
domain (i.e. there's one domain per PCI host bridge), or you're saying
that each device has its *own* domain (maximum isolation, but still
perhaps not really true if you end up with PCIe-to-PCI bridges or broken
hardware such as the ones we've been discovering, where multifunction
devices do their DMA from the wrong function).
Either way, you *do* have domains. You just might not have thought about
it before.
--
dwmw2
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5818 bytes)
Powered by blists - more mailing lists