On 21.12.2022 16:22, Xenia Ragiadakou wrote: > > On 12/20/22 13:09, Andrew Cooper wrote: >> On 19/12/2022 6:34 am, Xenia Ragiadakou wrote: >>> The variable untrusted_msi indicates whether the system is vulnerable to >>> CVE-2011-1898. This vulnerablity is VT-d specific. >>> Place the code that addresses the issue under CONFIG_INTEL_VTD. >>> >>> No functional change intended. >>> >>> Signed-off-by: Xenia Ragiadakou <burzalod...@gmail.com> >> >> Actually, this variable is pretty bogus. I think I'd like to delete it >> entirely.
The important difference between Intel and AMD was that Intel initially supplied DMA-remap-only IOMMUs, while AMD had intremap from the beginning. Hence Intel hardware could be unsafe by default, whereas on AMD an admin would need to come and turn off intremap. Deleting the variable would be okay only if we declared Xen security-unsupported on inremap-less Intel hardware. Extending coverage to AMD wouldn't seem unreasonable to me, if we knew that there were people turning off intremap _and_ caring about this particular class of attack. With no-one having complained in over 10 years, perhaps there's no-one of this kind ... > Nevertheless, I don't think that it would be appropriate to be done as > part of this series. I agree, but I'll want to comment on v2 nevertheless, rather than simply ack-ing it. Jan
