On 11/21/2016 11:26 AM, ron minnich wrote:
On Mon, Nov 21, 2016 at 9:21 AM Timothy Pearson <tpearson@raptorengineering.com> wrote:
On 11/21/2016 10:43 AM, ron minnich wrote:
> Talidan, just be aware, you can spend the money on enabling IOMMU in
> coreboot, but you should not just assume that it gets upstreamed.
That's why I was suggesting we discuss mitigating DMA attacks instead of going after the IOMMU directly.
Got it, thanks. So, in a more general case, what can we do to remediate such attacks across all the systems we have? And, further, what PCI support can we contemplate removing now that kernels are smarter, so as to help ensure that we don't accidentally make such attacks possible in the future?
And, in the age of FSP blobs, what should we check to make sure FSP has not accidentally enabled such attacks?
The first thing I would suggest (per your initial idea) is modifying the PCI tree walking function in ramstage to read the bus mastering status of every device, then throw an alert to the console for each device that has BM enabled. That will let us know just how extensive the problem is, and scary warnings might call greater attention to the problem.
In general, if you have binary blobs in the system such as the FSP, all bets are off. Such platforms cannot be trusted in ways that extend far beyond a DMA attack -- the FSP could, for instance, work in tandem with an Intel network peripheral and no one would really know about it outside of Intel.
--
Timothy Pearson
Raptor Engineering
+1 (415) 727-8645 (direct line)
+1 (512) 690-0200 (switchboard)
https://www.raptorengineering.com
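
The bus-master audit proposed in the message above, as an added example that is not part of the original thread and is not coreboot code. It runs on a constructed device list: `struct sim_dev`, the sample topology and the function names are hypothetical, and the upstream-bridge check goes one step beyond the message, relying on the fact that a bridge with Bus Master Enable clear does not forward upstream memory requests.

```c
#include <stdint.h>
#include <stdio.h>

#define PCI_COMMAND        0x04   /* command register offset in config space */
#define PCI_COMMAND_MASTER 0x0004 /* bit 2: Bus Master Enable */

/* Hypothetical stand-in for a firmware device node (not coreboot's struct). */
struct sim_dev {
    const char *path;             /* constructed bus:dev.fn label */
    const struct sim_dev *parent; /* upstream bridge, NULL on the root bus */
    uint8_t cfg[64];              /* start of config space, little-endian */
};

static int bm_enabled(const struct sim_dev *d)
{
    uint16_t cmd = (uint16_t)(d->cfg[PCI_COMMAND] | (d->cfg[PCI_COMMAND + 1] << 8));
    return (cmd & PCI_COMMAND_MASTER) != 0;
}

/* A device's DMA reaches host memory only if it and every upstream bridge have BM set. */
static int dma_path_open(const struct sim_dev *d)
{
    for (; d; d = d->parent)
        if (!bm_enabled(d))
            return 0;
    return 1;
}

/* Warn for every device with BM set; returns the number of warnings. */
static int audit_bus_masters(const struct sim_dev *const *devs, size_t n)
{
    int hits = 0;
    for (size_t i = 0; i < n; i++) {
        if (!bm_enabled(devs[i]))
            continue;
        hits++;
        printf("WARNING: %s has bus mastering enabled%s\n", devs[i]->path,
               dma_path_open(devs[i]) ? "" : " (upstream bridge blocks it)");
    }
    return hits;
}

/* Constructed sample topology: two root-port bridges, one device behind each. */
static const struct sim_dev br_on  = { "00:1c.0", NULL, { [PCI_COMMAND] = 0x07 } };
static const struct sim_dev br_off = { "00:1c.1", NULL, { [PCI_COMMAND] = 0x03 } };
static const struct sim_dev nic    = { "01:00.0", &br_on,  { [PCI_COMMAND] = 0x06 } };
static const struct sim_dev card   = { "02:00.0", &br_off, { [PCI_COMMAND] = 0x04 } };
static const struct sim_dev *const sample[] = { &br_on, &br_off, &nic, &card };
int main(void) { return audit_bus_masters(sample, 4) == 3 ? 0 : 1; }
```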