On Tue, Nov 27, 2012 at 9:31 PM, Terje Bergström <tbergstrom@nvidia.com> wrote:
On 27.11.2012 12:37, Thierry Reding wrote:
But in that case it should be made mandatory at first until proper IOMMU support is enabled on Tegra30. Then it can be checked at driver probe time whether or not to enable the extra checks. That way we don't need a special Kconfig option and we still get all the security that we need, right?
I guess it depends on the level of security.
If we want to only protect kernel and user space memory, this would be sufficient and no firewall is needed if IOMMU is turned on.
If we want to protect 2D buffers from each other, this is not sufficient.
We generally aim for the first, to stop the GPU from reading/writing any memory it hasn't been granted access to. The second is nice to have though, but really requires a GPU with VM to implement properly.
Dave.