[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] fw_cfg DMA security
From: |
Jordan Justen |
Subject: |
[Qemu-devel] fw_cfg DMA security |
Date: |
Thu, 22 Oct 2015 23:27:00 -0700 |
User-agent: |
alot/0.3.6 |
Back when I was looking at fw_cfg support for -kernel in OVMF, I noted
that it took a while to read the kernel. We improved the perf
substantially by using a 'rep insb' instruction, which I think kvm
special cases to minimize VM traps.
Nevertheless, I thought that it would be good to implement a DMA
interface to fw_cfg. It's great to see that Marc made that happen.
One complication I thought of was that it might be tricky to deal with
the implications of allowing this DMA to specify any old address to
fill with fw_cfg data.
So, for example, since Red Hat is working on SMM. Would a DMA to SMRAM
be protected?
I haven't watched the fw_cfg DMA discussion too closely, but has this
been thought about?
One idea I had was that near the end of the firmware boot, the
firmware could trigger fw_cfg in QEMU to stop supporting DMA until a
reset.
-Jordan
- [Qemu-devel] fw_cfg DMA security,
Jordan Justen <=