You *must* allocate device memory in page-size chunks. You *must never* stick driver-private data structures into device-mapped buffers. You *must assume* that any device-mapped buffers contain evil data and can change at any time (TOCTTOU). Nobody does any of this. Nobody.
IOMMUs are a cute mitigation that changes the attack approach from "just read/write all physical memory" to "just change a pointer in some driver DMA data structure to let you read/write all physical memory". Yes, it's slightly harder. Only slightly.
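The two tweets above describe the same driver-side failure from two angles: the driver checks a field in a device-mapped buffer and then re-reads it, and it keeps pointers in structures the device can rewrite. The C below is an added example, not code from the thread or from any real driver; the descriptor layout, the function names and the `device_interferes` hook are all invented for the illustration. It models a receive descriptor that a PCIe device writes into a DMA buffer, first handled the way most drivers handle it (re-reading the shared descriptor after validating it), then with the snapshot-then-validate pattern the thread calls for, with a driver-private buffer table indexed by a small integer instead of a pointer stored in device memory.

```c
/* Added example; not from the thread. All names here are invented. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define RX_BUF_SIZE   256u
#define RX_NUM_BUFS   4u
#define RX_DESC_READY 1u

/* Layout the device writes into a DMA-mapped buffer. It carries only what
 * the device needs: no kernel pointers, just a small index that the driver
 * resolves against its own private table. */
struct rx_desc {
    uint32_t flags;
    uint32_t buf_idx;
    uint32_t len;
    uint32_t reserved;
};

/* Driver-private state in ordinary memory, never DMA-mapped. */
static uint8_t priv_bufs[RX_NUM_BUFS][RX_BUF_SIZE];
static uint8_t rx_sink[RX_BUF_SIZE];

/* Test-harness stand-in for a hostile device writing the descriptor between
 * the driver's check and its use. Real hardware needs no hook; it just
 * writes whenever it likes. */
static void (*device_interferes)(volatile struct rx_desc *) = NULL;

/* Vulnerable: validates d->len, then re-reads d->len for the copy (TOCTTOU).
 * Returns the byte count the driver would hand to memcpy, or <0 if rejected. */
long rx_plan_unsafe(volatile struct rx_desc *d, uint32_t *idx_out)
{
    if (!(d->flags & RX_DESC_READY))
        return -1;
    if (d->buf_idx >= RX_NUM_BUFS || d->len > RX_BUF_SIZE)
        return -2;                     /* time of check */
    if (device_interferes)
        device_interferes(d);          /* device rewrites the descriptor */
    *idx_out = d->buf_idx;             /* time of use: fresh reads from */
    return (long)d->len;               /* device memory, may now be huge */
}

/* Hardened: read every field out of device memory exactly once, then
 * validate and use only the private copy. */
static void desc_snapshot(const volatile struct rx_desc *d, struct rx_desc *out)
{
    out->flags = d->flags;    /* a real driver reads READY, then dma_rmb(), then the rest */
    out->buf_idx = d->buf_idx;
    out->len = d->len;
    out->reserved = d->reserved;
}

long rx_plan_safe(volatile struct rx_desc *d, uint32_t *idx_out)
{
    struct rx_desc s;
    desc_snapshot(d, &s);
    if (device_interferes)
        device_interferes(d);          /* too late: d is never looked at again */
    if (!(s.flags & RX_DESC_READY))
        return -1;
    if (s.buf_idx >= RX_NUM_BUFS || s.len > RX_BUF_SIZE)
        return -2;
    *idx_out = s.buf_idx;
    return (long)s.len;
}

/* Consume a descriptor the safe way: the copy length cannot exceed what was
 * validated because both come from the same snapshot. */
long rx_consume_safe(volatile struct rx_desc *d)
{
    uint32_t idx;
    long n = rx_plan_safe(d, &idx);
    if (n < 0)
        return n;
    memcpy(rx_sink, priv_bufs[idx], (size_t)n);
    return n;
}

/* Simulated hostile device for the demo: bumps len far past the buffer. */
static void device_grows_len(volatile struct rx_desc *d)
{
    d->len = 0x10000;
}

int main(void)
{
    volatile struct rx_desc d = { RX_DESC_READY, 1, 64, 0 };
    uint32_t idx;
    device_interferes = device_grows_len;
    printf("unsafe would copy %ld bytes into a %u-byte buffer\n",
           rx_plan_unsafe(&d, &idx), RX_BUF_SIZE);
    d.len = 64;
    printf("safe copies %ld bytes\n", rx_plan_safe(&d, &idx));
    return 0;
}
```

The unsafe planner passes its own check and still reports 0x10000 bytes to copy, because the length it checked and the length it used are two separate reads of memory the device owns. The safe planner reports 64 no matter what the device does after the snapshot. Note that the snapshot is only as good as the field ordering: on real hardware the READY flag has to be observed before the other fields are read, which is what a read barrier such as Linux's dma_rmb() is for, and the buffer index still has to be range-checked against the private table rather than trusted.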
I'm going to go ahead and say that GPU drivers will never get this right. Those things are such massive hairballs that if you enable eGPU support over an external interface, you have to assume you're immediately pwnable.
So whitelist Thunderbolt devices to... well, zero devices, to start with. Then start auditing and rewriting drivers and *only* whitelist for TB access those where all of the aforementioned concerns have been considered, possibly in a complete rewrite. It won't be easy.
You'll still have bugs, but, like, the current state of things is that nobody has even *considered* any of this. Right now it's not bugs, evil-device security is literally outside the scope of basically every PCIe driver right now.
Naturally. IOMMUs only mean you have the option of assuming the device is evil.
Didn't IEEE 1394 have a similar problem before?
Yes, but 1394 predated IOMMUs so it was a free-for-all and drivers didn't matter. The only driver that used that is storage (sbp2), and sane OSes started only enabling DMA when such a device was connected. You can disable that support and 1394 is safe.
“Nobody writes drivers assuming the device is evil” more like. Except for those three people in the corner who do actually assume everything is evil.
Very true, but it's *much* worse with PCIe devices because people openly throw things in and out of DMA buffers. Like it's possible to accidentally write a simple USB driver that is secure; with PCIe it's pretty much impossible.