(To help this conversation I’m starting with what I believe is correct information, to help people identify any possible wrong assumptions I could be starting with)
Many network and USB cards have firmware updates loaded at boot time, which persist until reboot.
Other network and USB cards can have flashable firmware that is loaded and then persists across reboots.
If a disposable sys-net or sys-usb qube that becomes compromised is using the second type (flashable firmware), then potentially the flashable firmware can be attacked, allowing the compromise to persist across reboots. If the hardware just has the first type (volatile RAM-based firmware), then they should be immune to this.
The word “reboot” is a bit vague. Let’s separate “reboot” into 3 types:
- “Full system reboots”, meaning: “full power down, then power up” (note: I have no idea if laptops can do this without removing the battery)
- “ACPI system reboots”: what happens when you select “reboot” from the dom0 menu
- “VM reboot”: what happens when you select a qube and click “restart” in the Qube Manager
(Up till now I’ve been referring to full system reboots)
Furthermore, qvm-pci outputs which VM each PCI device goes to, and if it does not say “no-strict-reset=True”, then I believe that means that a “reset yourself” signal is sent to the hardware upon qube bootup, meaning that compromised RAM-based firmware would only last until a VM reboot (assuming they implemented the reset function properly).
(Note: the “permissive” flag may be important here)
So, if this is all true, then the question becomes how to determine which cards have flashable firmware in them. For example, when I confirm that a specific model has RAM-based firmware, does that mean that the hardware does not have flashable firmware?
(Note that CPUs seem to have both flashable and RAM-based firmware)
For example, I can imagine a manufacturer where the default firmware might be flashed by the manufacturer, but they don’t give the flashing procedure to the public, and just distribute the firmware updates as RAM-based firmware.
EDIT (added this paragraph): I’ve found a confirmed case of a device that loads its firmware either from flash memory or directly into RAM from the driver. The uPD720202 USB controller can load its firmware either from external flash memory or can be directly loaded into RAM by the driver. This means that each PCB manufacturer decides if they want to add persistent state to the card when they design it.
This means that as an end user you have to reverse engineer how each PCB design works to figure out if it has state or not. (And this isn’t even taking into account the possibility of malicious intent.)
More generally, how does one gain the certainty necessary to select network cards and USB cards to purchase for a sys-net or sys-usb qube? The 2 possible methods we have so far are:
- See if the information is available from the FSF RYF program.
- Reverse engineer different cards till you find one with no state.
Is this “lack of writable persistent memory” something that gets investigated/verified in “Qubes certified hardware”?
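
An added example, not part of the original post: a small dom0 shell helper that reads `qvm-pci` listing text and reports, for each attached PCI device, whether it carries the `no-strict-reset=True` or `permissive=True` option mentioned above. The function names and the sample listing are constructed for illustration, and the column layout (columns separated by two or more spaces, options in parentheses after the qube name, one qube per device) is an assumption about the `qvm-pci` output format.

```shell
#!/bin/sh
# Added example; assumes `qvm-pci` prints:
#   BACKEND:DEVID  DESCRIPTION  QUBE (opt=val, opt=val)
# with columns separated by two or more spaces.

# Constructed sample listing (not real hardware or real output).
sample_listing() {
cat <<'EOF'
BACKEND:DEVID  DESCRIPTION                                       USED BY
dom0:00_14.0   USB controller: Example xHCI Controller           sys-usb (no-strict-reset=True)
dom0:00_1f.6   Ethernet controller: Example Connection (4) GbE   sys-net
dom0:02_00.0   Network controller: Example Wireless Adapter      sys-net (no-strict-reset=True, permissive=True)
dom0:00_1f.3   Audio device: Example HD Audio
EOF
}

# Reads a listing on stdin; prints one line per attached device:
#   <qube> <device> strict-reset=<yes|no> permissive=<yes|no>
pci_reset_audit() {
    awk -F'  +' '
    {
        sub(/[ \t]+$/, "")          # drop trailing padding (re-splits fields)
        # Skip the header and anything that is not BACKEND:bus_dev.fn
        if ($1 !~ /^[^:]+:[0-9a-f]+_[0-9a-f]+\.[0-7]$/) next
        if (NF < 3) next            # no USED BY column: not attached
        used = $NF                  # e.g. "sys-net (no-strict-reset=True)"
        qube = used
        sub(/ *\(.*$/, "", qube)    # strip the option list, keep the qube name
        strict = (used ~ /no-strict-reset=True/) ? "no" : "yes"
        perm   = (used ~ /permissive=True/) ? "yes" : "no"
        print qube, $1, "strict-reset=" strict, "permissive=" perm
    }'
}

# Demo on the constructed listing; in dom0 use: qvm-pci | pci_reset_audit
sample_listing | pci_reset_audit
```

Devices reported with `strict-reset=no` are the ones to look at first when deciding which cards in sys-net or sys-usb need closer study.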