| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1378321314.13193.7.camel@x230> Date: Wed, 4 Sep 2013 19:01:54 +0000 From: Matthew Garrett <matthew.garrett@...ula.com> To: David Woodhouse <dwmw2@...radead.org> CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>, "keescook@...omium.org" <keescook@...omium.org>, "hpa@...or.com" <hpa@...or.com> Subject: Re: [PATCH V3 02/11] PCI: Lock down BAR access when module security is enabled On Wed, 2013-09-04 at 19:58 +0100, David Woodhouse wrote: > On Wed, 2013-09-04 at 17:04 +0000, Matthew Garrett wrote: > > How does virt passthrough work in this case? The current situation > > appears to be that qemu just passes the BARs through to the guest, and > > it's the guest that sets things up. We'd need to be able to ensure that > > there's no way the guest driver can cause DMA into the host kernel. > > We set up the IOMMU page tables so that the virtual bus addresses seen > by the PCI device are 1:1 mapped to the guest "physical" address space. > > That is, what the PCI device sees as a "physical" address is equivalent > to what the guest sees as a "physical" address space. It can access > memory which belongs to that guest, and nothing else. So that should be > fine. But presumably the guest's view of RAM is what gets written to the BARs? I guess if we know it's constrained then there's no need to restrict the addresses that can be set - we know that they'll be unable to overlap the host RAM. -- Matthew Garrett <matthew.garrett@...ula.com>
Powered by blists - more mailing lists