Comment by saagarjha

Not having an IOMMU=baseband can access all of the AP's memory.

Having an IOMMU=baseband can only access a small section of memory marked for it, ideally.

Obviously, it's worth implementing this: it turns a baseband compromise from "instant game over" to "might be a problem, but the IOMMU needs to have been set up incorrectly or the code that deals with it needs to have a serious vulnerability".