You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
Thunderclap TL;DR: someone finally tried on PCs (over Thunderbolt) what we did on the PS4 (over PCIe) years ago. As I said at the time, IOMMUs are useless if the drivers are not written assuming the device is evil. *Nobody* writes PCIe drivers assuming the device is evil.
You *must* allocate device memory in page-size chunks. You *must never* stick driver-private data structures into device-mapped buffers. You *must assume* that any device-mapped buffers contain evil data and can change at any time (TOCTTOU). Nobody does any of this. Nobody.
IOMMUs are a cute mitigation that changes the attack approach from "just read/write all physical memory" to "just change a pointer in some driver DMA data structure to let you read/write all physical memory". Yes, it's slightly harder. Only slightly.
I'm going to go ahead and say that GPU drivers will never get this right. Those things are such massive hairballs that if you enable eGPU support over an external interface, you have to assume you're immediately pwnable.
So whitelist Thunderbolt devices to... well, zero devices, to start with. Then start auditing and rewriting drivers and *only* whitelist for TB access those where all of the aforementioned concerns have been considered, possibly in a complete rewrite. It won't be easy.
You'll still have bugs, but, like, the current state of things is that nobody has even *considered* any of this. Right now it's not bugs, evil-device security is literally outside the scope of basically every PCIe driver right now.
You *must not* trust ring buffer indices in shared memory
Couldn't the kernel enforce most of this in the driver architecture?
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
