hanno
had a discussion about IOMMU and we wondered whether Linux uses it and protects you from malicious devices
hanno 24 Aug 17
Replying to @hanno
there's a kernel option CONFIG_INTEL_IOMMU_DEFAULT_ON - not enabled on most common distros
hanno 24 Aug 17
Replying to @hanno
I enabled it and for now it seems to work. found some comments that there's trouble with Intel GPUs, but I have one + still seems to work.
hanno 24 Aug 17
Replying to @hanno
I'm wondering why this isn't enabled widely, what the downsides are and whether it should be advocated for it.
hanno 24 Aug 17
Replying to @hanno
disclaimer: this touches areas I have little knowledge of, so everything I said may be totally wrong.
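The thread asks whether the IOMMU is actually on for a given Linux box. The script below is an added example, not from the thread or from any of its participants. It combines the two inputs that decide the Intel IOMMU's state (the build option CONFIG_INTEL_IOMMU_DEFAULT_ON named above and the standard intel_iommu=on / intel_iommu=off boot parameter) with a runtime check of /sys/kernel/iommu_groups, which the kernel only populates when an IOMMU is active. The rule "an explicit boot parameter beats the build default" is a simplification of the kernel's parsing, and the sample config and command line at the end of the test are constructed; AMD systems use a different parameter (amd_iommu) and are not modelled here.

```shell
#!/bin/sh
# Added example (not from the thread). Intel-only, see lead-in.

# iommu_expected "<kernel config text>" "<kernel command line>" -> prints on|off
# Assumption (simplified model): an explicit intel_iommu=on/off boot parameter
# overrides the build-time default CONFIG_INTEL_IOMMU_DEFAULT_ON.
iommu_expected() {
    config="$1"
    cmdline="$2"
    case " $cmdline " in
        *" intel_iommu=off"*) echo off; return ;;   # explicit off
        *" intel_iommu=on"*)  echo on;  return ;;   # on, also on,igfx_off etc.
    esac
    # No boot parameter: fall back to the build default from the thread
    if printf '%s\n' "$config" | grep -q '^CONFIG_INTEL_IOMMU_DEFAULT_ON=y$'; then
        echo on
    else
        echo off
    fi
}

# iommu_groups_count [DIR] -> number of IOMMU groups the running kernel exposes
# (0 means no IOMMU is active, whatever the config says).
iommu_groups_count() {
    dir="${1:-/sys/kernel/iommu_groups}"
    [ -d "$dir" ] || { echo 0; return; }
    n=0
    for g in "$dir"/*; do
        [ -e "$g" ] && n=$((n + 1))
    done
    echo "$n"
}

# Live check on the current machine; harmless where the files do not exist.
cfg=""
[ -r "/boot/config-$(uname -r)" ] && cfg=$(cat "/boot/config-$(uname -r)")
cmd=""
[ -r /proc/cmdline ] && cmd=$(cat /proc/cmdline)
echo "expected from build + boot config: $(iommu_expected "$cfg" "$cmd")"
echo "IOMMU groups present in sysfs:    $(iommu_groups_count)"
```

A non-zero group count is the check that matters: the config only says what the kernel would try to do, while a populated /sys/kernel/iommu_groups shows that firmware (DMAR tables) and kernel agreed and the IOMMU is isolating devices right now.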
Trent Lloyd 🦆 24 Aug 17
Replying to @hanno
I'm gonna go out on a limb and say random compatibility issues with random hardware. I have no actual idea.
Brent Cook 24 Aug 17
Replying to @hanno
'soft' IOMMU support is enabled with >3GB: [ 0.963327] PCI-DMA: Using software bounce buffering for IO (SWIOTLB)
Brent Cook 24 Aug 17
Replying to @hanno
After a bit of reading, it seems to be used to hack around 32-bit only PCI devices, rather than for security. I'd love to hear other views.
๐•›๐•“๐•ฃ๐• ๐•จ๐•Ÿ 24 Aug 17
Replying to @hanno
I spent a while tracking down kernel panics on Broadwell Xeons in Supermicro motherboards with that on. Seems to be "expected". Use caution.
Marcus Meissner 24 Aug 17
Replying to @hanno
There are more iommu options and suse at least enabled most of them
Paul Harvey 24 Aug 17
That's my impression also. And some opportunity for IOMMU to help when under memory pressures in setting up contig. mem for DMA
Paul Harvey 24 Aug 17
A well-cited paper on this is "Tolerating Malicious Device Drivers in Linux" Boyd-Wickizer & Zeldovich (2010)
Paul Harvey 24 Aug 17
IOMMU in Linux seems to only accidentally, rather than systematically provide isolation benefits. I am hoping to learn more on this soonish.
Franklin Richards was here 25 Aug 17
IOMMU is very deep in its impact on security, may rely on in VM or not for example. Afaik is a reliable source on the topic.
Franklin Richards was here 25 Aug 17
Replying to @hanno @RichFelker
again afaik, iommu's part of how pci-e passthrough happens for VM to have GPU accel. etc. Poorly implemented basically neuters security.
Franklin Richards was here 25 Aug 17
Replying to @hanno
check the invisible things blogs on iommu, starts back in 2009
Franklin Richards was here 25 Aug 17
Replying to @hanno
The use of IOMMU is really widespread