Hi,

> One complication I thought of was that it might be tricky to deal with
> the implications of allowing this DMA to specify any old address to
> fill with fw_cfg data.
>
> So, for example, since Red Hat is working on SMM. Would a DMA to SMRAM
> be protected?
>
> I haven't watched the fw_cfg DMA discussion too closely, but has this
> been thought about?
Yes.  That problem isn't new and it isn't specific to fw_cfg.  You also
don't want to grant DMA access to SMRAM/TSEG to your IDE/SATA/SCSI
controller or NIC.

> One idea I had was that near the end of the firmware boot, the
> firmware could trigger fw_cfg in QEMU to stop supporting DMA until a
> reset.

Should not be needed.  We have address spaces in QEMU, and the SMRAM/TSEG
regions are explicitly excluded (when enabled) from DMA-able memory.

mark: when writing the fw_cfg_dma tests it is a good idea to add a
testcase for this, to make sure this works as intended and to avoid
security-sensitive regressions.

cheers,
  Gerd
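The regression test Gerd asks for, sketched as an added example that is not part of this thread and not QEMU's own code: a small model of the 16-byte big-endian fw_cfg DMA control block (field order and FW_CFG_DMA_CTL_* bit values as documented in QEMU's docs/specs/fw_cfg.txt) driven against an assumed guest memory map in which legacy SMRAM (A0000-BFFFF) and a 16 MiB TSEG at the top of 2 GiB of RAM are marked non-DMA-able. The map (guest_map), the range check (dma_range_allowed), the device model (fw_cfg_dma_model) and the helper try_read are all constructed for the example; in QEMU the same exclusion falls out of the address space the device DMAs through, which is what the check stands in for.

```c
#include <stdint.h>
#include <stdio.h>

/* fw_cfg DMA control block (docs/specs/fw_cfg.txt): control, length,
 * address, all big-endian, 16 bytes total.  Bit values as documented. */
#define FW_CFG_DMA_CTL_ERROR  0x01
#define FW_CFG_DMA_CTL_READ   0x02
#define FW_CFG_DMA_CTL_SKIP   0x04
#define FW_CFG_DMA_CTL_SELECT 0x08

/* Assumed guest memory map for this example (not QEMU's MemoryRegion
 * tree): 2 GiB RAM, legacy SMRAM and TSEG marked non-DMA-able, as they
 * are once the firmware has enabled/locked SMM. */
struct region {
    uint64_t base, size;
    int dma_ok;
    const char *name;
};

static const struct region guest_map[] = {
    { 0x00000000ULL, 0x000A0000ULL, 1, "RAM below A0000" },
    { 0x000A0000ULL, 0x00020000ULL, 0, "legacy SMRAM" },
    { 0x000C0000ULL, 0x7EF40000ULL, 1, "RAM" },      /* up to 0x7F000000 */
    { 0x7F000000ULL, 0x01000000ULL, 0, "TSEG" },     /* 16 MiB below 2 GiB */
};

/* True only if every byte of [addr, addr+len) lies in a DMA-able region. */
static int dma_range_allowed(uint64_t addr, uint64_t len)
{
    uint64_t end;
    if (len == 0)
        return 1;
    if (addr > UINT64_MAX - len)        /* addr + len would wrap around */
        return 0;
    end = addr + len;
    while (addr < end) {
        const struct region *r = NULL;
        size_t i;
        for (i = 0; i < sizeof guest_map / sizeof guest_map[0]; i++) {
            if (addr >= guest_map[i].base &&
                addr - guest_map[i].base < guest_map[i].size) {
                r = &guest_map[i];
                break;
            }
        }
        if (!r || !r->dma_ok)           /* unmapped, or SMRAM/TSEG */
            return 0;
        addr = r->base + r->size;       /* continue with the next region */
    }
    return 1;
}

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | p[3];
}
static uint64_t be64(const uint8_t *p)
{
    return ((uint64_t)be32(p) << 32) | be32(p + 4);
}
static void put_be32(uint8_t *p, uint32_t v)
{
    p[0] = v >> 24; p[1] = v >> 16; p[2] = v >> 8; p[3] = v;
}

/* Guest side: build the control block it would point the DMA register at. */
static void build_request(uint8_t blob[16], uint32_t ctl, uint32_t len,
                          uint64_t addr)
{
    put_be32(blob, ctl);
    put_be32(blob + 4, len);
    put_be32(blob + 8, (uint32_t)(addr >> 32));
    put_be32(blob + 12, (uint32_t)addr);
}

/* Device side of the model: a READ whose target is not fully DMA-able is
 * refused and completed with the error bit, otherwise control is written
 * back as 0.  SKIP touches no guest memory, so it never hits the check. */
static uint32_t fw_cfg_dma_model(uint8_t blob[16])
{
    uint32_t ctl = be32(blob), len = be32(blob + 4), result = 0;
    uint64_t addr = be64(blob + 8);

    if ((ctl & FW_CFG_DMA_CTL_READ) && !dma_range_allowed(addr, len))
        result = FW_CFG_DMA_CTL_ERROR;
    put_be32(blob, result);             /* completion status for the guest */
    return result;
}

/* Test helper: a READ of len bytes of fw_cfg data into guest address addr. */
static uint32_t try_read(uint64_t addr, uint32_t len)
{
    uint8_t blob[16];
    build_request(blob, FW_CFG_DMA_CTL_READ, len, addr);
    return fw_cfg_dma_model(blob);
}

int main(void)
{
    struct { uint64_t addr; uint32_t len; uint32_t want; const char *what; } c[] = {
        { 0x00010000ULL, 0x1000, 0, "plain RAM" },
        { 0x0009FFF0ULL, 0x10,   0, "ends exactly at A0000" },
        { 0x000A0000ULL, 0x10,   FW_CFG_DMA_CTL_ERROR, "legacy SMRAM" },
        { 0x7F000000ULL, 0x100,  FW_CFG_DMA_CTL_ERROR, "TSEG start" },
        { 0x7EFFF800ULL, 0x1000, FW_CFG_DMA_CTL_ERROR, "straddles into TSEG" },
        { 0x80000000ULL, 0x10,   FW_CFG_DMA_CTL_ERROR, "above top of RAM" },
        { 0xFFFFFFFFFFFFFFF0ULL, 0x20, FW_CFG_DMA_CTL_ERROR, "address wraps" },
    };
    size_t i;
    for (i = 0; i < sizeof c / sizeof c[0]; i++)
        printf("%-24s %s\n", c[i].what,
               try_read(c[i].addr, c[i].len) == c[i].want ? "ok" : "MISMATCH");
    return 0;
}
```

The cases worth keeping in a real qtest are the ones the happy path never exercises: a request that starts in ordinary RAM and runs into TSEG, one that ends exactly at the A0000 boundary (must succeed), and one whose address plus length wraps, since a check that only looks at the start address passes all three incorrectly.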