On Mon, Dec 2, 2019 at 4:40 PM Matthew Garrett <matthewgarrett@xxxxxxxxxx> wrote: > > Add an option to disable the busmaster bit in the control register on > all PCI bridges before calling ExitBootServices() and passing control to > the runtime kernel. System firmware may configure the IOMMU to prevent > malicious PCI devices from being able to attack the OS via DMA. However, > since firmware can't guarantee that the OS is IOMMU-aware, it will tear > down IOMMU configuration when ExitBootServices() is called. This leaves > a window between where a hostile device could still cause damage before > Linux configures the IOMMU again. I don't know enough about ARM to know if this makes sense there as well. Anyone?
