[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] HT Vulnerability CAN-2005-0109

To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
From: Nils Toedtmann <xen-devel@xxxxxxxxxxxxxxxxxx>
Date: Wed, 18 May 2005 16:43:44 +0200
Delivery-date: Wed, 18 May 2005 14:43:15 +0000
List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Sorry if this is a dupe. I quickly checked the lists and the bitkeeper
changesets but found no reference. If i missed it, ignore this mail.


Just stumbled on /. upon CAN-2005-0109 and wonder if xen is affected:

  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0109>
  <http://www.daemonology.net/hyperthreading-considered-harmful/>

I have _no_clue_ about OS internals, processors or programming, but as i
understood the abstract this is a bug on some intel pentium/xeon cpus in
their hyperthreading implementation (i read it "ht threads share cpu
cache in a way that information leaks from one thread to another"). The
author states that the OS kernel (here: the xen kernel) could workaround
that bug.

Is it possible that two domain kernels running on the same physical core
but on different ht threads leak information to each other exploiting
this covert/side channels?

I apologize in advance if all this does not make sense ...

/nils.


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

Follow-Ups:
- Re: [Xen-devel] HT Vulnerability CAN-2005-0109
  - From: Mark Williamson

Prev by Date: [Xen-devel] Re: [PATCH] Fixing stack alignment in x86-64 Xen
Next by Date: Re: [Xen-devel] HT Vulnerability CAN-2005-0109
Previous by thread: [Xen-devel] sedf testing: volunteers please
Next by thread: Re: [Xen-devel] HT Vulnerability CAN-2005-0109
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.