Thank you, Marek. So, I've concluded that the vulnerability has rather minimal impact to non-IOMMU (non-VT-d) machines:
* On those machines, you already trust NetVMs.
* Of course, the vulnerability could be also abused from a ProxyVM (or FirewallVM, which is a special type of ProxyVM). This is the little additional risk.
* As you note, there is a very theoretical ability to attack dom0 from domUs. (Maybe they are limited just to ProxyVMs, I am not sure.) For this reason, I've installed the updates in dom0.
Essentially, non-IOMMU setups are more like the traditional Xen deployments mentioned in the QSB.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Dear Qubes users,
We have just released a new Qubes Security Bulletin (QSB #23):
https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-023-2015.txt
Regards,
joanna.
- --
The Qubes Security Team
https://qubes-os.org/doc/SecurityPage/
I do not think that is correct. Looking at lines 78-108 of the QSB, the characteristic that defines what you call a "traditional Xen deployment" does not have anything to do with using an IOMMU, but instead whether a backend is located in dom0 or in a "driver domain."
In contrast, Qubes has at least the net backend in NetVM, as well as ProxyVM as you noted. Plus, if you set up a USBVM, sharing a USB flash drive or such causes the USBVM to act as a block backend as well.
Also, the QSB notes an example where an AppVM hosts an ISO for another domain.
However, even on a system without an IOMMU, I would not say that we "already trust NetVMs," as there is still significant isolation provided by having it in a separate domain
On Monday, December 21, 2015 at 6:09:53 PM UTC+1, Eric Shelton wrote:I do not think that is correct. Looking at lines 78-108 of the QSB, the characteristic that defines what you call a "traditional Xen deployment" does not have anything to do with using an IOMMU, but instead whether a backend is located in dom0 or in a "driver domain."Sure, even without IOMMU, Qubes is not the “traditional Xen deployment” (TXD). But it is much more similar to the TXD, because all domains with a PCI device have access to whole RAM through DMA, so they are effectively a part of TCB. In such cases, the attack gives attacker nothing previously not owned on any non-IOMMU system.
In contrast, Qubes has at least the net backend in NetVM, as well as ProxyVM as you noted. Plus, if you set up a USBVM, sharing a USB flash drive or such causes the USBVM to act as a block backend as well.That's true. However, if NetVM or USBVM is compromised on a non-IOMMU, then they can perform the DMA attack. It depends if ProxyVMs and FirewallVMs are to be considered as a significant additional risk.
Both of the above comments seem to be saying: "if you do not have an IOMMU, you're already burned, because you are open to DMA attacks." I disagree with the situation being quite that binary, and it assumes a DMA attack is easy to come by. They are two distinct attack vectors.