




















Linux’s drivers assume the hardware is trusted, so for the IOMMU to provide serious protection you need a userspace driver. This can either be one that is designed to run in userspace, or Linux running in a virtual machine.
Furthermore, safe use of the IOMMU generally involves shadow buffers and extra copies to provide byte-granularity protection and to prevent TOCTOU attacks. Premapping buffers can and should help, though it will likely require data copies.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。