
Re: [Publicity] Draft technical blog post



On 10/02/2014 04:38 PM, Konrad Rzeszutek Wilk wrote:
On Thu, Oct 02, 2014 at 03:48:30PM +0100, George Dunlap wrote:
Hey all,

Below is a more technical draft blog post in response to the recent media
flurry about XSA-108.  If you've updated your blog logins you can also
preview the post here: https://blog.xenproject.org/?p=10093&preview=true

Let me know if you have any feedback!
You might want to add that Linux guests that run in HVM mode don't enable
x2APIC mode at all - as they end up using the PVHVM route which ends up
using events.

This does affect 'true' HVM guests.

But you could only exploit this if you have control of the guest OS; and if you have that, you can enable the x2APIC, right?


  -George

XSA-108: Not the disaster you're looking for

There has been an unusual amount of media attention to XSA-108, whose embargo
period ended Wednesday -- far more than any of the previous 107
vulnerabilities the Xen Project has reported.  It began when a blogger
noticed that Amazon was telling customers it would be rebooting VMs in
certain regions before a specific date -- a date which happened to coincide
with the release of XSA-108.  He conjectured that the reboots had something
to do with that, and further conjectured that, because of the major impact
to customers of rebooting, it must be something very big and important,
similar to the recent Heartbleed and Shell Shock vulnerabilities. Amazon
confirmed that the reboots had to do with XSA-108, but could say nothing
else because of the security embargo.

Unfortunately, because of the nature of embargoes, nobody with any actual
knowledge of the vulnerability was allowed to say anything about it, and so
the media was entirely free to speculate without any actual facts getting in
the way.

Now that the embargo has lifted, we can talk in detail about the
vulnerability; and I'm afraid that people looking for another Shell Shock or
Heartbleed are going to be disappointed.

<h1>What is the vulnerability?</h1>

XSA-108 has to do with the emulation of a piece of hardware called an
x2apic.  x2apic is an interrupt controller: it allows the operating system
x2APIC

to control when and how and where urgent messages from outside the chip, and
from other cores within the same chip, are delivered.

Interrupt controllers occupy a rather awkward position in the architecture.
They are fairly complicated to implement in hardware; which is why they are
not yet implemented by Intel's VT hardware. (This may change in the future.)
But they are far too performance critical for Xen to pass emulation off to
qemu, as it does with virtual disks or virtual networks.  This means that
QEMU

Do I have to? :-)  I think it looks much nicer as "qemu"...

 -George


_______________________________________________
Publicity mailing list
Publicity@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity


 

