Google Continues Work On Linux "Restricted DMA" For Situations Like Remote WiFi Attacks

Written by Michael Larabel in Linux Security on 6 January 2021 at 08:48 AM EST. Add A Comment
LINUX SECURITY
Google engineers continue working on the Linux kernel around "Restricted DMA" for helping to protect systems that lack DMA access control for hardware without an IOMMU.

Protected DMA aims to help prevent data leakage or corruption stemming from DMA access to system memory unexpectedly for systems without an IOMMU. One of the lead motivators for this work is due to PCI Express giving full system memory access and there already being proven vulnerabilities like WiFi firmware exploits that could escalate to a full system exploit even remotely via WiFi. Google's Project Zero illustrated such WiFi attacks in 2017.

Now this year it looks like Restricted DMA might be mainlined for helping with systems lacking an IOMMU. Restricted DMA leverages the SWIOTLB (Software Input Output Translation Lookaside Buffer) to bounce streaming DMA in/out of a specially allocated region and does memory allocation from that same region.
Restricted-dma-pool: This indicates a region of memory meant to be used as a pool of restricted DMA buffers for a set of devices. The memory region would be the only region accessible to those devices. When using this, the no-map and reusable properties must not be set, so the operating system can create a virtual mapping that will be used for synchronization. The main purpose for restricted DMA is to mitigate the lack of DMA access control on systems without an IOMMU, which could result in the DMA accessing the system memory at unexpected times and/or unexpected addresses, possibly leading to data leakage or corruption. The feature on its own provides a basic level of protection against the DMA overwriting buffer contents at unexpected times. However, to protect against general data leakage and system memory corruption, the system needs to provide way to restrict the DMA to a predefined memory region.

With the current implementation, these "restricted DMA pools" as the reserved region for restricted DMA can be specified via the Device Tree with an arbitrary address and length.

The latest Restricted DMA patches for the Linux kernel can be found on the kernel mailing list.
Add A Comment
Related News
Linux BHI Mitigation Being Tweaked Following 12% Database Performance Hit
Linux 6.9-rc4 To Bring New Fixes For x86 Speculation Mitigations
Linux Kernel Patched For Branch History Injection "BHI" Intel CPU Vulnerability
GitHub Disables The XZ Repository Following Today's Malicious Disclosure
XZ Struck By Malicious Code That Could Allow Unauthorized Remote System Access
Linux 6.9 Sees Further Security Hardening
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming
Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver
Fedora Linux 40 Cleared For Release Next Week
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Fedora Linux 40 Available For Download As A Wonderful Upgrade
Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries
openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"