|
From: | Paolo Bonzini |
Subject: | Re: [RFC PATCH 00/12] hw: Forbid DMA write accesses to MMIO regions |
Date: | Thu, 3 Sep 2020 17:46:39 +0200 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 |
On 03/09/20 16:24, Edgar E. Iglesias wrote: >> [*] I do wonder about hardware-device-passthrough setups; I >> don't think I would care to pass through an arbitrary device >> to an untrusted guest... > Hmm, I guess it would make sense to have a configurable option in KVM > to isolate passthrough devices so they only can DMA to guest RAM... Passthrough devices are always protected by the IOMMU, anything else would be obviously insane^H^H^Hecure. :) Paolo
[Prev in Thread] | Current Thread | [Next in Thread] |