On Thu, May 29, 2025 at 10:41:15PM +0800, Xu Yilun wrote:
> > On AMD, the host can "revoke" at any time, at worst it'll see RMP
> > events from IOMMU. Thanks,
>
> Is the RMP event firstly detected by host or guest? If by host,
> host could fool guest by just suppressing the event. Guest thought the
> DMA writing is successful but it is not and may cause security issue.

Is that in scope of the threat model though? Host must not be able to
change DMAs or target them to different memory, but the host can stop
DMA and lose it, surely? Host controls the PCI memory enable bit,
doesn't it?

Jason