|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Intermittent fatal page fault with XEN 4.3.1 (Centos 6.3 DOM0 with linux kernel 3.10.16.)
On Nov 7, 2013, at 7:57 AM, Jan Beulich <JBeulich@xxxxxxxx> wrote: >>>> On 07.11.13 at 16:41, <Jeff_Zimmerman@xxxxxxxxxx> wrote: >> On Nov 7, 2013, at 1:30 AM, Ian Campbell <Ian.Campbell@xxxxxxxxxx> wrote: >>> I was also wondering about the behaviour of using vmx instructions in a >>> guest despite vmx not being visible in cpuid... >>> >> We have found in our situation this is exactly the case. To verify we wrote >> some >> test code that makes vmx calls without checking cupid. On bare hardware the >> program >> executes as expected. In a VM on Xen it causes the hypervisor to panic. > > You trying it doesn't yet imply that Windows also does so. > > Also, you say "program" - are you using these from user mode code? Yes, from windows run as a privileged user. Windows XP sp3 can cause the crash. It seems windows 7 has better security, we cannot crash the system from a win7 guest. > >> From a security standpoint this is very very bad. It might be a good idea to >> provide either >> a run-time or build-time option to disable nestedhvm. Just turning off the >> vmx >> bit is not enough >> as malicious or badly written code can cause a system crash. > > Yes, we will absolutely need to do that. > > Jan > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |