[coreboot] DMA protection? [AMD-Vi]
ron minnich
rminnich at gmail.com
Mon Nov 21 17:43:31 CET 2016
Talidan, just be aware, you can spend the money on enabling IOMMU in
coreboot, but you should not just assumed that it gets upstreamed.
Enabling IOMMU on one implementation of one CPU from one vendor for one
generation is not a really compelling idea, at least for me.
You don't want to confuse your goal -- disable bus master attacks -- from
the means -- using the IOMMU to implement such protection.
I hope you will both look at a much simpler way to do this.
On Mon, Nov 21, 2016 at 8:25 AM Timothy Pearson <
tpearson at raptorengineering.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 11/19/2016 02:24 PM, Taiidan at gmx.com wrote:
> >
> >
> > You the man! Very informative >:D
> >
> >
> > Was the card malicious or just horribly programmed?
> >
> > How much $$$$ would it run for you fellas to make DMA protection happen?
>
> At this point I'm not entirely sure. There are a few ways to do it and,
> as Ron mentioned, configuring the full IOMMU might be somewhat overkill
> or just plain problematic here. If you or someone else has a few
> thousand to throw at this, please contact me off list and we can discuss
> possible solutions with pricing further.
>
> Thanks!
>
> - --
> Timothy Pearson
> Raptor Engineering
> +1 (415) 727-8645 <(415)%20727-8645> (direct line)
> +1 (512) 690-0200 <(512)%20690-0200> (switchboard)
> https://www.raptorengineering.com
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQEcBAEBAgAGBQJYMx+vAAoJEK+E3vEXDOFbA94IALD7RKAPz1NdVBRuaA2zSygX
> ZVxN+gcVf1Lf78u2Oh929Kp2fg2+Lpa7aN+0WrmhgOOe85Bi8p1lEGKg5uK6lhQO
> lvrDXkZ1n5Vmp9K+kmtar/OOmmwBtqSzdt0lJ9NcOvUxKP7tpr2kK+uGnUuUo3VJ
> 72i6L9P5g5uItBLVeOGXH9/z4sBYoeByasOWofhI6DYYCTD/kFmkF4xlw+N85P0i
> wTAVFBkwqxj7oqacXfzlsiNs5diaHmQ2mtN5jMOWiLpHuMiwdDmE3BgFUDR+x2Rr
> gfRHPb2mLf98ivoAVLTe5Lh767fYxBvXs9uocO9Qsl0xCvr/xgP03gC8Bj50xsY=
> =y5mf
> -----END PGP SIGNATURE-----
>
> --
> coreboot mailing list: coreboot at coreboot.org
> https://www.coreboot.org/mailman/listinfo/coreboot
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20161121/ec75814a/attachment.html>
More information about the coreboot
mailing list