On Fri, Feb 19, 2016 at 04:33:40PM -0600, David Young wrote: > > BTW, I think a reasonable precaution to take with a lot of devices, > their firmware and drivers, open- or closed-source (but especially > closed source), is to put them under supervision of, say, an IOMMU.
It's reasonable, for sure, but it's not enough. There are BSD derived operating systems out there which do this to complicate life for malicious hot-plug PCIe devices. Unfortunately, it doesn't really work, since you can always find some sensitive region that does have DMA enabled (if you get in early enough, the pages used for the disk transfers that bring in kernel modules, for example -- or libc) and scribble on it. Thor
