Re: Wiretapping Linux?

From: Avi Kivity
Date: Wed May 17 2006 - 10:17:01 EST


Joerg Pommnitz wrote:
> --- Avi Kivity wrote:
>> A pci device can read system RAM and other memory-mapped PCI devices (such as display framebuffers) using DMA. In addition, a pci (but not pci-express) device can snoop on pci bus traffic to other devices. Typically, however, hard drive controllers will be integrated into the chipset so the data is not on the bus.
>
> Thanks for providing this information. This makes the binary firmware
> required for peripherals even more interesting for security conscious
> people.

Note that some machines have IOMMUs so it may be possible to prevent a device from reading main memory, perhaps at a performance cost.

My AMD machine disables the IOMMU on startup.

If you don't trust your hardware there are only two solutions: keep it off the net or keep it off.

--
error compiling committee.c: too many arguments to function
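
The message above notes that an IOMMU may keep a device from reading main memory and that some machines start with it disabled. The following is an added example, not part of the original message, showing one way to check from sysfs whether PCI devices sit behind an active IOMMU. It assumes a current Linux kernel that exposes `/sys/kernel/iommu_groups` and a per-device `iommu_group` link; the function names and the `ROOT` argument are hypothetical.

```shell
#!/bin/sh
# Added example: report whether PCI devices are covered by an IOMMU.
# ROOT defaults to /sys; passing another directory lets the logic run
# against a constructed tree.
# Usage: iommu_report            (checks the running system)

# Print the number of IOMMU groups the kernel has created.
iommu_group_count() {
    root=${1:-/sys}
    n=0
    for g in "$root"/kernel/iommu_groups/*; do
        [ -d "$g" ] && n=$((n + 1))
    done
    echo "$n"
}

# Print the bus address of every PCI device that has no iommu_group link,
# i.e. a device whose DMA is not translated by an IOMMU.
pci_unprotected() {
    root=${1:-/sys}
    for dev in "$root"/bus/pci/devices/*; do
        [ -e "$dev" ] || continue
        [ -e "$dev/iommu_group" ] || basename "$dev"
    done
}

# Summarise coverage. Exit status: 0 all devices grouped, 1 some devices
# outside any group, 2 no groups at all (IOMMU absent or disabled).
iommu_report() {
    root=${1:-/sys}
    ngroups=$(iommu_group_count "$root")
    missing=$(pci_unprotected "$root")
    if [ "$ngroups" -eq 0 ]; then
        echo "IOMMU inactive: no groups, PCI DMA is not restricted"
        return 2
    fi
    if [ -n "$missing" ]; then
        echo "IOMMU active ($ngroups groups) but these devices are outside it:"
        echo "$missing"
        return 1
    fi
    echo "IOMMU active: $ngroups groups, every PCI device is in a group"
    return 0
}
```

Group membership only shows that a device is behind an IOMMU. If the kernel was booted in passthrough mode (`iommu=pt`), host-owned devices still get an identity mapping and can reach all of memory.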