On 22.08.2022 17:27, Marek Marczykowski-Górecki wrote:
> The important part is to include those buffers in IOMMU page table
> relevant for the USB controller. Otherwise, DbC will stop working as
> soon as IOMMU is enabled, regardless of to which domain device assigned
> (be it xen or dom0).
> If the device is passed through to dom0 or other domain (see later
> patches), that domain will effectively have access to those buffers too.
> It does give such domain yet another way to DoS the system (as is the
> case when having PCI device assigned already), but also possibly steal
> the console ring content. Thus, such domain should be a trusted one.
> In any case, prevent anything else being placed on those pages by adding
> artificial padding.
>
> Signed-off-by: Marek Marczykowski-Górecki <marma...@invisiblethingslab.com>

Acked-by: Jan Beulich <jbeul...@suse.com>
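
The padding point in the quoted commit message, as an added example that is not code from the patch or from Xen: an IOMMU mapping covers whole pages, so anything sharing a page with a DMA buffer becomes reachable by whoever controls the device. The struct names, sizes and the 4 KiB granularity are assumptions for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IOMMU_PAGE_SIZE 4096u   /* assumed mapping granularity */
#define RING_SIZE       1024u   /* constructed buffer size */

/* Hypothetical layouts, not Xen's structures. Both start page-aligned. */
struct dbc_unpadded {
    _Alignas(IOMMU_PAGE_SIZE) uint8_t ring[RING_SIZE]; /* DMA target */
    uint8_t other[64];          /* unrelated data, lands in the ring's page */
};

struct dbc_padded {
    _Alignas(IOMMU_PAGE_SIZE) uint8_t ring[RING_SIZE]; /* DMA target */
    uint8_t pad[IOMMU_PAGE_SIZE - RING_SIZE % IOMMU_PAGE_SIZE]; /* fill page */
    uint8_t other[64];          /* now starts on the following page */
};

_Static_assert(offsetof(struct dbc_padded, other) % IOMMU_PAGE_SIZE == 0,
               "data after the DMA buffer must start on a fresh page");

/* Bytes of [obj, obj+obj_len) that fall inside the whole pages an IOMMU
 * mapping of [buf, buf+buf_len) has to cover. */
size_t exposed_bytes(uintptr_t buf, size_t buf_len,
                     uintptr_t obj, size_t obj_len)
{
    uintptr_t map_start = buf - buf % IOMMU_PAGE_SIZE;
    uintptr_t map_end = buf + buf_len - 1;             /* last buffer byte */
    map_end += IOMMU_PAGE_SIZE - map_end % IOMMU_PAGE_SIZE; /* end of its page */
    uintptr_t lo = obj > map_start ? obj : map_start;
    uintptr_t hi = obj + obj_len < map_end ? obj + obj_len : map_end;
    return hi > lo ? (size_t)(hi - lo) : 0;
}

static struct dbc_unpadded unpadded;
static struct dbc_padded padded;

size_t leak_unpadded(void) {
    return exposed_bytes((uintptr_t)unpadded.ring, sizeof unpadded.ring,
                         (uintptr_t)unpadded.other, sizeof unpadded.other);
}
size_t leak_padded(void) {
    return exposed_bytes((uintptr_t)padded.ring, sizeof padded.ring,
                         (uintptr_t)padded.other, sizeof padded.other);
}

int main(void) {
    printf("unpadded: %zu bytes exposed, padded: %zu bytes exposed\n",
           leak_unpadded(), leak_padded());
    return 0;
}
```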