[Ksummit-discuss] [CORE TOPIC] Device error handling / reporting / isolation
Laurent Pinchart
laurent.pinchart at ideasonboard.com
Sat May 10 01:09:22 UTC 2014
On Friday 09 May 2014 13:19:08 James Bottomley wrote:
> On Fri, 2014-05-09 at 20:13 +0000, Luck, Tony wrote:
> > On Fri, May 9, 2014 at 12:37 PM, Josh Triplett <josh at joshtriplett.org>
wrote:
> > > I'm interested in a related topic: we should systematically use IOMMUs
> > > and similar hardware features to protect against buggy or *malicious*
> > > hardware devices
> >
> > Defending against buggy hardware is interesting from a RAS perspective.
> > You don't want a card with a stuck address line scribbling on memory
> > that you didn't want it to touch.
>
> But for a laptop or desktop kernel, how far do we want to go? In
> theory, once the iommu is turned on, it corrals the device, since access
> to non programmed addresses (those without IOTLB entries) produces a
> fault. Is there anything extra we need to do beyond turning on the
> IOMMU?
We need a mechanism to correctly report and handle the IOMMU faults, otherwise
a misbehaving device could generate interrupt storms and cause a denial of
service.
--
Regards,
Laurent Pinchart
More information about the Ksummit-discuss
mailing list