[lowrisc-dev] Hardware Security
Robert.Mullins at cl.cam.ac.uk
Wed Dec 24 16:24:10 GMT 2014
As Alex says, we've had some thoughts in this area. Did you have
specific thoughts about what sort of thing should be top of our list
and how it should be supported?
On 22 December 2014 at 16:34, Alex Bradbury <asb at asbradbury.org> wrote:
> On 22 December 2014 at 12:15, Jookia <166291 at gmail.com> wrote:
>> I'd like to stir up some ideas on hardware security, which could be a big
>> advantage with verifiable hardware (x-raying, etc).
>> Hardware isolation is somewhat necessary to achieve software isolation. Even
>> with a hypervisor, DMA attacks and malicious USB devices can easily own your
>> entire system. In the memo it vaguely mentions IOMMU technology which would
>> help here, allowing you to limit peripherals away from secure data it
>> otherwise shouldn't have access to.
>> There's also the somewhat unrelated issue of trusted execution. This can
>> include things like only running signed code, but more importantly only
>> disclosing secrets when verified code is running. This can help mitigate
>> evil maid attacks and malicious firmware.
> Thanks for the message Jookia. This is an are we had some really
> useful feedback on from people reading earlier drafts. e.g. bunnie
> suggested it could be valuable to carve out a small amount of memory
> for every minion which can't be remapped or shared in the IOMMU (this
> is hinted at in the memo, but perhaps it's not clear this wouldn't
> just be done via the IOMMU).
More information about the lowrisc-dev