Decreasing System Availability on an Avionic Multicore Processor Using Directly Assigned PCI Express Devices

In this paper we investigate security properties of the I/O Memory Management Units (IOMMUs) implemented in a multicore processor being a representative platform for future avionic systems. Freescale's P4080 is considered as such a candidate. On this platform we show an attack that can be performed by an (untrusted) driver accessing an interruptcapable Direct Memory Access (DMA) device. Our demonstrated attack bases on a weakness of the implemented IOMMU for Peripheral Component Interconnect (PCI) Express (PCIe) devices. The need for interrupts forces the user to map an address window of at least 4 kB for a DMA channel required for the so called Message Signaled Interrupts (MSIs). Unfortunately, this window contains also important interrupt controller configuration and reset registers. As worst-case scenario this attack can have an impact to the overall system availability. Our investigation will show the necessity of careful treatments of interrupts and DMAcapable devices in case of using the considered platform for avionics and general systems.     «

In this paper we investigate security properties of the I/O Memory Management Units (IOMMUs) implemented in a multicore processor being a representative platform for future avionic systems. Freescale's P4080 is considered as such a candidate. On this platform we show an attack that can be performed by an (untrusted) driver accessing an interruptcapable Direct Memory Access (DMA) device. Our demonstrated attack bases on a weakness of the implemented IOMMU for Peripheral Component Intercon...     »