[coreboot] DMA protection? [AMD-Vi]
Taiidan at gmx.com
Taiidan at gmx.com
Tue Nov 15 22:35:59 CET 2016
I have KGPE-d16 with IOMMU/AMD-VI and I was wondering if it would be
possible to designate in coreboot certain devices pass-through only to
stop them from communicating with the host? If I have to launch a rescue
CD or what not then a rogue infected device could do a DMA attack correct?
On linux does iommu only isolate from the host devices assigned to a
guest? assigned to pcistub? or is there always some level of mediation?
My system says "dom0 mode - relaxed" right below the AMDVI messages,
what does it mean?
Thanks for any replies!
More information about the coreboot
mailing list