Re: [Xen-devel] Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI

On 05/13/11 13:11, Ian Campbell wrote:
> On Fri, 2011-05-13 at 12:08 +0100, Joanna Rutkowska wrote:
>> On 05/13/11 10:08, Jan Beulich wrote:
>
>>> Finally, wouldn't killing all guests that potentially could have caused
>>> the problem be a better measure than bringing down the host?
>>>
>>
>> Killing the guest might no longer be enough, because the guest might
>> have already programmed the device to keep sending malicious MSIs.
>
> Is it even possible to know which guest triggered the MSI, or is the
> best you can do the set of all guests with an MSI capable device passed
> through?
>

Ah, probably you're right -- if we have more than one driver domain, then
I think LAPIC would not tell us which device generated the MSI.

In fact it's not really correct to assume that it must have been a guest
with a "MSI capable device" -- note that we don't trigger the MSI via the
official MSI triggering mechanism.

joanna.