I have KGPE-d16 with IOMMU/AMD-VI and I was wondering if it would be
possible to designate in coreboot certain devices pass-through only to
stop them from communicating with the host? If I have to launch a rescue
CD or what not then a rogue infected device could do a DMA attack correct?
On linux does iommu only isolate from the host devices assigned to a
guest? assigned to pcistub? or is there always some level of mediation?
My system says "dom0 mode - relaxed" right below the AMDVI messages,
what does it mean?
Thanks for any replies!
--
coreboot mailing list: [email protected]
https://www.coreboot.org/mailman/listinfo/coreboot
