Announcement
Collapse
No announcement yet.
Linux 5.9 Enables P2PDMA For All AMD CPUs Zen + Newer
Collapse
X
-
Originally posted by L_A_G View PostSounds like a nice feature with plenty of uses, but when attacks like Broadpwn* that can get around whitelisting by leveraging previously whitelisted devices I'm not sure it's a very good idea from a security perspective. Sort of like all the corners particularly Intel cut in it's branch prediction implementations causing the Spectre/Meltdown vulnerabilities.
*This attack takes over the network chip, which runs it's own minimalist but very much exploitable OS, and then leverages it's ability to do DMA for basically total access to basically everything on the system.
Then again, IOMMU can and did have bugs and issues in the past on some hardware.
Leave a comment:
-
Originally posted by timofonic View PostWhat is this useful for? What devices use it?
- Likes 4
Leave a comment:
-
Sounds like a nice feature with plenty of uses, but when attacks like Broadpwn* that can get around whitelisting by leveraging previously whitelisted devices I'm not sure it's a very good idea from a security perspective. Sort of like all the corners particularly Intel cut in it's branch prediction implementations causing the Spectre/Meltdown vulnerabilities.
*This attack takes over the network chip, which runs it's own minimalist but very much exploitable OS, and then leverages it's ability to do DMA for basically total access to basically everything on the system.
Originally posted by timofonic View PostWhat is this useful for? What devices use it?Last edited by L_A_G; 10 August 2020, 10:06 AM.
Leave a comment:
-
Yeah, you could at the least do it in a clever way, like:
Typo: whitelist -> allowlist 😅
Leave a comment:
-
Originally posted by chuckula
i got three words for you: Tuh-rigg-urrd!!!
Repression alert!
Repression alert!
- Likes 16
Leave a comment:
-
Linux 5.9 Enables P2PDMA For All AMD CPUs Zen + Newer
Phoronix: Linux 5.9 Enables P2PDMA For All AMD CPUs Zen + Newer
The PCI subsystem updates have been sent in for the Linux 5.9 kernel. Peer-to-peer DMA support is now solid for all AMD CPUs of the Zen family or newer...
Tags: None
Leave a comment: