Comments (1)
osresearch
commented on August 24, 2024
Ron Minnich writes that coreboot doesn't enable the IOMMU, but instead disables bus mastering for the PCIe switches: https://www.coreboot.org/pipermail/coreboot/2016-November/082488.html
The way coreboot has always enforced DMA protections is to not set bus
master enabling on IO devices. I trust that particular setting a lot more
than I trust trying to configure an IOMMU, given that such configuration
seems to require trying to parse ACPI DMAR tables. If you will now tell me
that some bad IO device might ignore BME, then I would want to know how to
disable PCI bus mastering in the root complex, but certainly not via the
IOMMU.
Is this sufficient? Can rogue devices bypass the BM bit?
from heads.
Related Issues (20)
- Revise CircleCI caching strategies
- Interestingly enough, it's flashrom now that is not reproducible between local builds and CircleCI with nix docker image HOT 1
- nitropad-nv41 v0.2.0-2147-g1e583e0 rom kernel panic HOT 8
- Nix buildstack next step : have and use qemu-canokey non-existing pre-compiled qemu/kvm in docker image
- Enable Lenovo Thinkpad T530-unmaintained-build for testing and reporting functionality of build HOT 4
- OEM Factory Reset GPG user authentication: key_to_card fails with ยซ invalid time ยป HOT 5
- bash: line 1: /home/user/heads/crossgcc/x86/bin/x86_64-linux-musl-gcc: No such file or directory HOT 2
- Bring colors to the shell console "'a la" systemd : "[...] doing action" -> "[OK] action" (green) || "[FAILED] action" (red) HOT 5
- Bring back Lenovo Thinkpad T530 to supported/tested - images are working fine HOT 5
- t420 (display port does not work after external flashing) HOT 11
- Review CONFIG_ONBOARD_VGA_IS_PRIMARY enablement for dGPU enabled boards HOT 2
- Merge heads-wiki repo into a heads-wiki subdir of this project to render at osresearch.net and archive for reference? (long-term plan) HOT 1
- Force reboot between tpm reset+sign /boot and DUK for non-HOTP deployments ?
- Error message misleading HOT 1
- Language selection
- Programmer selection HOT 6
- Update nv41/ns50 intel_iommu=igfx_off (librem 11 = GOP igfx)
- Switch all Linux config schedulers out of performance schedulers
- Remove unneeded iotools
- nv41/ns50 boards: rebrand nitrokey boards as novacustom HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from heads.