A recent post revealed some security problems using firewire (and a few other technologies) related to DMA[1]. Would the IOMMU features you're talking about prevent that problem?
Right. DMA creates security holes because it does not sit behind an MMU. It can change the memory of any guest OS. That means any OS or code that can program the DMA controller can bypass security. IOMMU prevents that, because all IO devices sit behind this MMU.
You can have this protection, but then face programming issues if IOMMU and cpu MMU use different page tables. You have to update both. ARM IOMMU is designed so that it is automatically in sync with the CPU tables.
A recent post revealed some security problems using firewire (and a few other technologies) related to DMA[1]. Would the IOMMU features you're talking about prevent that problem?
[1] https://news.ycombinator.com/item?id=7123121