
Re: [Xen-devel] [PATCH v4 00/10] Nested VMX: Add virtual EPT & VPID support to L1 VMM

On Tue, Feb 12, 2013 at 9:56 AM, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> wrote:
Nakajima, Jun writes ("Re: [Xen-devel] [PATCH v4 00/10] Nested VMX: Add virtual EPT & VPID support to L1 VMM"):
> I agree that the feature does or can expose a richer attack surface
> for guests today. We need to set "nestedhvm" in the config ('false'
> by default) for each guest, to turn on the feature, as far as I
> know. I don't think we need a global switch like a boot parameter
> for Xen at this point.

Yes, but my point was whether the "nestedhvm" switch is sufficient.
As I understand it nestedhvm with virtual EPT provides a richer attack
surface than without.  So the question is whether we should provide a
switch to disable virtual EPT while leaving nestedhvm enabled.


Given the simple implementation in Xen that utilizes the real H/W feature, I think nestedhvm with virtual EPT should be able to provide more secure implementations with less testing/QA.

It's possible that we may see more security issues as a side-effect of virtual EPT support in the short term because people may use the nestedhvm feature more. In other words, the option nestedhvm may not be practical without virtual EPT from a performance point of view.

-- 
Jun
Intel Open Source Technology Center
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel