From: boris.ostrovsky@oracle.com
To: Andrew Cooper <andrew.cooper3@citrix.com>,
	Jan Beulich <jbeulich@suse.com>
Cc: xen-devel@lists.xenproject.org,
	Cheyenne Wills <cheyenne.wills@gmail.com>
Subject: Re: XSA-351 causing Solaris-11 systems to panic during boot.
Date: Thu, 17 Dec 2020 12:49:26 -0500
Message-ID: <c6e05b63-b066-9bd0-9da1-1fc089cd1aea@oracle.com>
In-Reply-To: <0430337a-6fcd-9471-4455-838390401220@citrix.com>


On 12/17/20 11:46 AM, Andrew Cooper wrote:
> On 17/12/2020 16:25, boris.ostrovsky@oracle.com wrote:
>> On 12/17/20 2:40 AM, Jan Beulich wrote:
>>> On 17.12.2020 02:51, boris.ostrovsky@oracle.com wrote:
>>> I think this is acceptable as a workaround, albeit we may want to
>>> consider further restricting this (at least on staging), like e.g.
>>> requiring a guest config setting to enable the workaround. 
>> Maybe, but then someone migrating from a stable release to 4.15 will have to modify guest configuration.
>>
>>
>>> But
>>> maybe this will need to be part of the MSR policy for the domain
>>> instead, down the road. We'll definitely want Andrew's view here.
>>>
>>> Speaking of staging - before applying anything to the stable
>>> branches, I think we want to have this addressed on the main
>>> branch. I can't see how Solaris would work there.
>> Indeed it won't. I'll need to do that as well (I misinterpreted the statement in the XSA about only 4.14- being vulnerable)
> It's hopefully obvious now why we suddenly finished the "let's turn all
> unknown MSRs to #GP" work at the point that we did (after dithering on
> the point for several years).
>
> To put it bluntly, default MSR readability was not a clever decision at all.
>
> There is a large risk that there is a similar vulnerability elsewhere,
> given how poorly documented the MSRs are (and one contemporary CPU I've
> got the manual open for has more than 6000 *documented* MSRs).  We did
> debate for a while whether the readability of the PPIN MSRs was a
> vulnerability or not, before eventually deciding not.

> Irrespective of what we do to fix this in Xen, has anyone fixed Solaris yet?


I am not aware of anyone working on this (not that I would be).


-boris


