[coreboot] DMA protection? [AMD-Vi]
ron minnich
rminnich at gmail.com
Mon Nov 21 00:52:34 CET 2016
On Sun, Nov 20, 2016 at 3:49 PM Kyösti Mälkki <kyosti.malkki at gmail.com>
wrote:
> On Mon, Nov 21, 2016 at 1:36 AM, ron minnich <rminnich at gmail.com> wrote:
>
> The way coreboot has always enforced DMA protections is to not set bus
> master enabling on IO devices. I trust that particular setting a lot more
> than I trust trying to configure an IOMMU, given that such configuration
> seems to require trying to parse ACPI DMAR tables. If you will now tell me
> that some bad IO device might ignore BME, then I would want to know how to
> disable PCI bus mastering in the root complex, but certainly not via the
> IOMMU.
>
>
> And just grepping for PCI_COMMAND_MASTER would suggest such enforcing has
> completely been forgotten for some years. Like for the UART of
> intel/skylake in bootblock already.
>
> <https://www.coreboot.org/mailman/listinfo/coreboot>
>
>
That needs to be fixed it would seem :-)
ron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20161120/122152aa/attachment.html>
More information about the coreboot
mailing list