
List:       qubes-devel
Subject:    Re: [qubes-devel] Automatically assign removable storage devices (ex: SD/MMC) to pciback
From:       Marek Marczykowski-Górecki <marmarek () invisiblethingslab ! com>
Date:       2017-02-06 1:14:41
Message-ID: 20170206011441.GD1285 () mail-itl


On Sat, Feb 04, 2017 at 01:04:39PM -0500, Taiidan@gmx.com wrote:
> I think that this would be a good idea to prevent problems re: them showing
> up on dom0 and the related programs happily parsing the inserted sd card
> that contains some kind of file/disk handler exploit.

We try to disable automatic dom0 parsing of various devices as much as
possible. But it's hard to do it right, because there are so many tools
happily accessing those devices... This is one of the reasons why the file
manager in dom0 is hidden by default.

> My laptops sd/mmc reader is on the pci-e bus, so it is also dma capable.

While the card reader is DMA-capable, cards inserted there are not. So,
to use that capability one needs to exploit the card reader first.

> Comments?

There may be a slightly related thing: there is a known problem of some
Realtek wifi cards coming with an integrated card reader - those are two
functions (in terms of PCI) of the same device. If you want to assign
one of them to a VM, you need to assign the other one too. So, this
would be an argument to assign it to sys-net, while in theory it makes
more sense to have it in sys-usb.

But that's the next step; we can connect the device to pciback without
actually assigning it to any VM. The problem is that in practice it isn't
that easy in some cases, as some devices don't have proper metadata
set[1]. But some devices do announce metadata - for example I have this
one:

    $ lspci -nnvs 0a:00.0
    0a:00.0 SD Host controller [0805]: O2 Micro, Inc. OZ600FJ0/OZ900FJ0/OZ600FJS SD/MMC Card Reader Controller [1217:8221] (rev 05) (prog-if 01)
            Subsystem: Dell Device [1028:0493]
            Flags: bus master, fast devsel, latency 0, IRQ 17
            Memory at e2c20000 (32-bit, non-prefetchable) [size=512]
            Capabilities: <access denied>
            Kernel driver in use: sdhci-pci
            Kernel modules: sdhci_pci

Any proposition for the option name? Currently we have those:
- rd.qubes.hide_all_usb - all USB controllers
- rd.qubes.hide_pci - specific PCI device(s)


[1] https://github.com/QubesOS/qubes-issues/issues/2055

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

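An added example, not part of the thread above and not code from the Qubes project: the message points out that a card reader which does announce proper metadata can be recognised by its PCI class code (0805, "SD Host controller", as shown in the lspci output). The script below parses `lspci -nn` output from stdin, selects every device of a given class code, and builds the dom0 kernel argument that hides those devices in pciback. It assumes that `rd.qubes.hide_pci` takes a comma-separated list of bus:device.function addresses (the form used in the Qubes documentation, but an assumption here), that `lspci -nn` prints the class code in square brackets directly after the class name, and it uses a constructed sample of lspci output so that it runs offline; only the O2 Micro line is taken from the message.

```shell
#!/bin/sh
# Added example (not from the qubes-devel thread or the Qubes code base).
# Select PCI devices by class code from `lspci -nn` output and build the
# rd.qubes.hide_pci= kernel argument for dom0.
#
# Assumptions (not confirmed by the thread):
#  - rd.qubes.hide_pci accepts a comma-separated list of BDF addresses.
#  - `lspci -nn` prints "<bdf> <class name> [<class code>]: <vendor> ... [<vid:did>]".

# Print the BDF (bus:device.function) of every device whose class code is $1.
pci_by_class() {
    class="$1"
    # e.g. "0a:00.0 SD Host controller [0805]: O2 Micro, Inc. ... [1217:8221] (rev 05)"
    sed -n "s/^\([0-9a-f]\{2\}:[0-9a-f]\{2\}\.[0-9]\) [^[]*\[${class}\]:.*/\1/p"
}

# Read lspci -nn output on stdin and print the kernel argument hiding every
# device of class $1. Prints nothing (and still succeeds) when nothing matches.
hide_pci_arg() {
    list=$(pci_by_class "$1" | tr '\n' ',' | sed 's/,$//')
    if [ -n "$list" ]; then
        printf 'rd.qubes.hide_pci=%s\n' "$list"
    fi
}

# Report which kernel driver currently owns a device (sysfs layout of Linux;
# only meaningful on a real host). After hiding, this should be pciback (or
# pci-stub) rather than sdhci-pci.
pci_driver_of() {
    link="/sys/bus/pci/devices/0000:$1/driver"
    [ -L "$link" ] && basename "$(readlink "$link")" || echo none
}

# Constructed sample of `lspci -nn` output: the 0a:00.0 line is the reader
# from the message, the other lines are made up for illustration.
SAMPLE='00:00.0 Host bridge [0600]: Intel Corporation Device [8086:0104] (rev 09)
00:14.0 USB controller [0c03]: Intel Corporation Device [8086:1e31] (rev 04)
0a:00.0 SD Host controller [0805]: O2 Micro, Inc. OZ600FJ0/OZ900FJ0/OZ600FJS SD/MMC Card Reader Controller [1217:8221] (rev 05)
0b:00.0 SD Host controller [0805]: Example Vendor Example Device [aaaa:bbbb]'

# Offline run against the constructed sample; on a real dom0 you would pipe
# the live output instead:  lspci -nn | hide_pci_arg 0805
printf '%s\n' "$SAMPLE" | hide_pci_arg 0805
```

The class-code match is what makes the approach depend on the device announcing correct metadata: a reader that reports a generic class (the issue linked in the message) is simply not selected, so the resulting argument should be checked against `lspci` by hand before it is added to the dom0 kernel command line, and `pci_driver_of` gives a quick after-reboot check that the device really ended up in pciback instead of sdhci-pci.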

