Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-58174

Update INF files to support DMA remapping

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Instrument INF file for DMAR support level
    • 0% To Do, 0% In Progress, 100% Done
    • rhel-virt-windows
    • ssg_virtualization
    • 20
    • 13
    • False
    • Hide

      None

      Show
      None

      Description

      Currently virtio-win drivers do not declare any kind of compatibility with DMAR.

      For futher compatibility with Windows "Device Guard" feature they should declare one of 3 possible levels: Not compatible (0), Fully compatible (1), Compatible when Driver Verifier /DMA verifier is enabled(2). When nothing is declared, according to MSFT means "Let the system determine", which seems dangerous.

      virtio-fs device is currently not compatible with DMAR

      the rest of virtio devices are compatible (assuming IOMMU is present and iommu_platform=on,ats=on)

      Some of built-in devices in Windows declare "1" (always), some declare "2" (when Driver Verifier enabled)

      Currently we can recommend "2"

      What SSTs and Layered Product teams should review this?

              ybendito@redhat.com Yuri Benditovich
              ybendito@redhat.com Yuri Benditovich
              Meirav Dean Meirav Dean
              Qianqian Zhu Qianqian Zhu
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: