| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 May 2014 18:09:52 +0100
From: David Woodhouse <dwmw2@...radead.org>
To: Linda Knippers <linda.knippers@...com>
Cc: Alex Williamson <alex.williamson@...hat.com>,
iommu@...ts.linux-foundation.org, chegu_vinod@...com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] iommu/intel: Exclude devices using RMRRs from IOMMU API
domains
On Wed, 2014-05-21 at 13:05 -0400, Linda Knippers wrote:
>
> > Exactly, I have a hard time bringing myself to care about supporting
> > such devices. Vendors that proliferate RMRR usage need to be aware of
> > the implications of RMRRs for all use cases of a device. First and
> > foremost, we need to lock out devices with RMRRs because we have no
> > ability to either honor or disable RMRRs when used by the IOMMU API. If
> > vendors that rely on RMRRs want to make such devices assignable by
> > providing interfaces to describe and map the area into a VM, or even a
> > mechanism to disable the RMRR, more power to them. The current
> > situation is simply unsafe and needs to be prevented.
>
> I care but I think this patch should go in until there is a better
> solution.
I was quite happy with our earlier "solution" of just assuming that
RMRRs were a boot-time thing only. Once a driver takes over the device,
or it's given to a guest, we forget the RMRRs entirely. The hardware has
no business still doing rogue DMA after we've taken control of it.
Again, it's only those who stupidly designed hardware who suffer. And
life was a lot simpler for us.
--
dwmw2
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5745 bytes)
Powered by blists - more mailing lists