Linked by David Adams on Fri 2nd Mar 2012 16:03 UTC
Privacy, Security, Encryption When was the last time you reverse-engineered all the PCI devices on your motherboard?. . . Enters the game-changer: IOMMU (known as VT-d on Intel). With proper OS/VMM design, this technology can address the very problem of most of the hardware backdoors. A good example of a practical system that allows for that is Xen 3.3, which supports VT-d and allows you to move drivers into a separate, unprivileged driver domain(s). This way each PCI device can be limited to DMA only to the memory region occupied by its own driver.
Permalink for comment 509535
To read all comments associated with this story, please click here.
Not sure...
by Neolander on Sun 4th Mar 2012 09:06 UTC
Member since:

I'm not sure if IOMMUs represent that big of a defense against hardware backdoors. Here is why :

Let's say that I buy a laptop from a shady vendor. Like with any laptop, the hardware inside of it is pretty much a perfect black box to me. What makes me sure that all hardware on my motherboard will be connected to the memory bus through an IOMMU ? What prevents the laptop manufacturer (or someone else in the manufacturing chain) from just putting a "spy chip" directly on the memory bus, invisible to the OS ?

Now, I'm not saying that IOMMUs are useless for security. When using insecure external interfaces that let any peripheral access all physical memory, such as Firewire or Thunderbolt*, IOMMUs can prevent a simplistic and hot-pluggable "pen drive" from completely busting OS security. If you can trust your computer, then IOMMUs allow you not to trust what you plug in it, which is already something.

Also, security aside, IOMMUs are a great tool for virtualization.

* As far as I know, USB has no such vulnerability. Operating systems should, however, make sure that USB packets coming from devices are standard-compliant if they want to avoid the PS3's tragic fate (more details here : )

Edited 2012-03-04 09:12 UTC

Reply Score: 2