| ▲ | ylk 2 hours ago | |
> The baseband can do a lot, it has dma There's an IOMMU: > Is the baseband isolated? > Yes, the baseband is isolated on all of the officially supported devices. Memory access is partitioned by the IOMMU and limited to internal memory and memory shared by the driver implementations. [...] https://grapheneos.org/faq#baseband-isolation > GrapheneOS cannot really influence this, but hardened_malloc could conceivably help. They can and do, see above. But I don't see how hardened_malloc is related to the baseband doing DMA. | ||
| ▲ | cartoonworld an hour ago | parent [-] | |
Thanks, this is very good information! To answer your question, I thought it might just be slightly harder to extract secrets or exploit a running process directly. Thats all I was saying. | ||