Interesting. VT-d tradeoffs ... what are they?
The connection to the device is not encrypted and also not authenticated.
This is different that even talking to the (untrusted) host through
shared memory where you at least still have a common key.
Allowing hypervisor to write into BIOS looks like it will
trivially lead to code execution, won't it?
This is not about BIOS code executing. While the guest firmware runs it
is protected of course. This is for BIOS structures like ACPI tables
that are mapped by Linux. While AML can run byte code it can normally
not write to arbitrary memory.
The risk is more that all the Linux code dealing with this hasn't been
hardened to deal with malicious input.
-Andi
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
