Re: Wiretapping Linux?

>> > A PCI device can read system RAM and other memory-mapped PCI devices
>> > (such as display framebuffers) using DMA. In addition, a PCI (but not
>> > PCI Express) device can snoop on PCI bus traffic to other devices.
>> > Typically, however, hard drive controllers will be integrated into the
>> > chipset so the data is not on the bus.
>> 
>> Thanks for providing this information. This makes the binary firmware
>> required for peripherals even more interesting for security-conscious
>> people.
>
> Note that some machines have IOMMUs so it may be possible to prevent a device
> from reading main memory, perhaps at a performance cost.
>
> My AMD machine disables the IOMMU on startup.
>
> If you don't trust your hardware there are only two solutions: keep it off the
> net or keep it off.

It gets even more complex with remote management solutions, ranging from 
simple PCI boards that can reset the machine to fully-integrated [like 
Sun's RSC] processors that can poke anything.


Jan Engelhardt
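
Whether an IOMMU is actually in effect for each PCI device, the point raised in the quoted text above, can be checked from sysfs. The script below is an added example, not part of the original message; it assumes a Linux kernel that exposes /sys/kernel/iommu_groups and a per-device iommu_group symlink, and SYSFS_ROOT is a hypothetical override used only for testing.

```shell
#!/bin/sh
# Added example (not from the thread): list PCI devices and the IOMMU group
# each belongs to. A device with no group is not behind DMA remapping.
# Assumed sysfs layout: <root>/kernel/iommu_groups/<n> and
# <root>/bus/pci/devices/<address>/iommu_group (a symlink to the group).

# iommu_active ROOT: succeed if the kernel registered at least one IOMMU group.
iommu_active() {
    for g in "$1"/kernel/iommu_groups/*; do
        [ -d "$g" ] && return 0
    done
    return 1
}

# iommu_group_of ROOT ADDR: print the group number for a device, or "none".
iommu_group_of() {
    link="$1/bus/pci/devices/$2/iommu_group"
    if [ -L "$link" ]; then
        basename "$(readlink "$link")"
    else
        echo none
    fi
}

# iommu_report ROOT: one "ADDR GROUP" line per PCI device.
iommu_report() {
    for dev in "$1"/bus/pci/devices/*; do
        [ -e "$dev" ] || continue        # glob matched nothing
        addr=$(basename "$dev")
        echo "$addr $(iommu_group_of "$1" "$addr")"
    done
}

# unprotected_count ROOT: number of PCI devices with no IOMMU group.
unprotected_count() {
    iommu_report "$1" | grep -c ' none$' || true   # grep exits 1 on zero matches
}

ROOT=${SYSFS_ROOT:-/sys}   # SYSFS_ROOT: hypothetical override, for test trees
if iommu_active "$ROOT"; then
    echo "IOMMU groups present; devices without one: $(unprotected_count "$ROOT")"
else
    echo "No IOMMU groups: PCI device DMA is not being remapped"
fi
iommu_report "$ROOT"
```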