[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH 0/3] XSA-60 security hole fix
Recently Oracle developers found a Xen security issue as DOS affecting, named as XSA-60. Please refer http://xenbits.xen.org/xsa/advisory-60.html. Basically it involves how to handle guest cr0.cd setting, which under some environment it consumes much time resulting in DOS-like behavior. These 3 patches is to fix XSA-60 security hole. Patch 1/3 is a preparing patch for fixing XSA-60. Later patch will fix XSA-60 via PAT under Intel EPT case, which depends on cpu_has_vmx_pat; Patch 2/3 is to remove vmx_set_uc_mode logic, which result in XSA-60. It will be replaced by PAT approach at patch 3; Patch 3/3 solves XSA-60 security hole: 1. For guest w/o VT-d, and for guest with VT-d but snooped, Xen need do nothing, since hardware snoop mechanism has ensured cache coherency; 2. For guest with VT-d but non-snooped, cache coherency can not be guaranteed by h/w snoop, therefore it need emulate UC type to guest: 2.1). if it works w/ Intel EPT, set guest IA32_PAT fields as UC so that guest memory type are all UC; 2.2). if it works w/ shadow, drop all shadows so that any new ones would be created on demand w/ UC; _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |