[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Xen-devel] [PATCH][RFC] Support more Capability Structures andDevice Specific

To: "Dong, Eddie" <eddie.dong@xxxxxxxxx>
From: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
Date: Thu, 3 Jul 2008 10:50:34 +0100
Cc: Yuji Shimada <shimada-yxb@xxxxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx, Keir Fraser <keir.fraser@xxxxxxxxxxxxx>, Alan Cox <alan@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Thu, 03 Jul 2008 02:51:08 -0700
List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Dong, Eddie writes ("RE: [Xen-devel] [PATCH][RFC] Support more Capability 
Structures andDevice Specific"):
> Alan Cox wrote:
> > In the general case there are also some really nasty
> > dirty attacks you can't stop with an IOMMU one of which
> > is to reflash the BIOS of the graphics card to which you
> > were given unrestricted access so that you compromise the
> > entire system next boot. These attacks appear well
> > understood except by IOMMU marketing people ;) 
> 
> Same with above, this is already protected by IOMMU, peer to peer DMA is
> not supported right now.

You have evidently completely misunderstood Alan's point.

I was going to explain it again but I'm not sure I know how to say it
more clearly.  Alan's scenario doesn't involve any peer to peer DMA.

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

Follow-Ups:
- RE: [Xen-devel] [PATCH][RFC] Support more Capability StructuresandDevice Specific
  - From: Dong, Eddie

References:
- Re: [Xen-devel] [PATCH][RFC] Support more Capability Structures andDevice Specific
  - From: Yuji Shimada
- Re: [Xen-devel] [PATCH][RFC] Support more Capability Structures andDevice Specific
  - From: Ian Jackson
- RE: [Xen-devel] [PATCH][RFC] Support more Capability Structures andDevice Specific
  - From: Dong, Eddie
- RE: [Xen-devel] [PATCH][RFC] Support more Capability Structures andDevice Specific
  - From: Ian Jackson
- Re: [Xen-devel] [PATCH][RFC] Support more Capability Structures andDevice Specific
  - From: Alan Cox
- RE: [Xen-devel] [PATCH][RFC] Support more Capability Structures andDevice Specific
  - From: Dong, Eddie

Prev by Date: Re: [Xen-devel] [PATCH 1/4] pvSCSI driver
Next by Date: [Xen-devel] Re: [PATCH] Handle MSI irq storm
Previous by thread: RE: [Xen-devel] [PATCH][RFC] Support more Capability Structures andDevice Specific
Next by thread: RE: [Xen-devel] [PATCH][RFC] Support more Capability StructuresandDevice Specific
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.