Clarification Meltdown for vulnerability between 64-bit PV guests

Clarification Meltdown for vulnerability between 64-bit PV guests

[John Wang]

[-- Attachment #1.1: Type: text/plain, Size: 305 bytes --]

Hi:

64 bit PV guest can attack hypervisor  by SP3, whether it still can 
attack others 64 bit PV guest by SP3 ? If yes, whether the xpti enable 
on hypervisor can prevent  vulnerability?  if no, what operations need 
to be done on 64 PV guest or hypervisor?


-- 
Thanks
APACII QA
John(XiaoGen Wang)


[-- Attachment #1.2: Type: text/html, Size: 625 bytes --]

[-- Attachment #2: Type: text/plain, Size: 157 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

Re: Clarification Meltdown for vulnerability between 64-bit PV guests

[Andrew Cooper]

[-- Attachment #1.1: Type: text/plain, Size: 444 bytes --]

On 16/05/18 09:37, John Wang wrote:
>
> Hi:
>
> 64 bit PV guest can attack hypervisor by SP3
>

Yes.

> whether it still can attack others 64 bit PV guest by SP3?
>

Meltdown attacks only operate within a single address space.  You can't
attack a separate address space with it.

That said, the VM => VM attack with Meltdown is due to the fact that
other VMs are mapped into Xen's directmap, so available by attacking the
hypervisor.

~Andrew

[-- Attachment #1.2: Type: text/html, Size: 1099 bytes --]

[-- Attachment #2: Type: text/plain, Size: 157 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel