Re: [Xen-devel] [PATCH v2 00/23] Vixen: A PV-in-HVM shim
On Mon, Jan 8, 2018 at 9:13 AM, Wei Liu <wei.liu2@xxxxxxxxxx> wrote:
> On Sun, Jan 07, 2018 at 12:28:16PM -0800, Anthony Liguori wrote:
>> From: Anthony Liguori <aliguori@xxxxxxxxxx>
>>
>> CVE-2017-5754 is problematic for paravirtualized x86 domUs because it
>> appears to be very difficult to isolate the hypervisor's page tables
>> from PV domUs while maintaining ABI compatibility. Instead of trying
>> to make a KPTI-like approach work for Xen PV, it seems reasonable to
>> run a copy of Xen within an HVM (or PVH) domU to provide backwards
>> compatibility with guests as mentioned in XSA-254 [1].
>>
>> This patch series adds a new mode to Xen called Vixen (Virtualized
>> Xen) which provides a PV-compatible interface while gaining
>> CVE-2017-5754 protection for the host provided by hardware
>> virtualization. Vixen supports running a single unprivileged PV
>> domain (a dom1) that is constructed by the dom0 domain builder.
>>
>> Please note the Xen page table configuration fundamental to the
>> current PV ABI makes it impossible for an operating system to mitigate
>> CVE-2017-5754 through mechanisms like Kernel Page Table Isolation
>> (KPTI). In order for an operating system to mitigate CVE-2017-5754 it
>> must run directly in a HVM or PVH domU.
>>
>> This series is very similar to the PVH series posted by Wei and we
>> have been discussing how to merge efforts. We were hoping to have
>> more time to work this out. I am posting this because I'm fairly
>> confident that this series is complete (all PV instances in EC2 are
>> using this) and others might find it useful. I also wanted to have
>> more of a discussion about the best way to merge and some of the
>> differences in designs.
>>
>> This series is also available at:
>>
>> git clone https://github.com/aliguori/xen.git vixen-upstream-v2
>
> You have a typo in the name of the branch. It is vixen-upstrea-v2 on
> github. :-)

Fixed :-D

Regards,

Anthony Liguori

> Wei.
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
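The cover letter's point that a domU can only apply KPTI itself when it runs directly as HVM or PVH raises a practical question for operators: which kind of guest am I in? As an added example (not part of this thread or the Vixen series), the POSIX shell helper below classifies a Linux domU from the XENFEAT bitmap the kernel exposes under /sys/hypervisor. The sysfs paths, the bit position of XENFEAT_auto_translated_physmap (bit 2, set for HVM and PVH guests, clear for classic PV), the function names and the sample values are my assumptions. The caveat stated above applies unchanged: a guest running inside a Vixen shim still sees itself as a PV guest and still cannot apply KPTI; the shim protects the host, not the guest's own kernel.

```shell
#!/bin/sh
# Added example, not from the Vixen series: report whether a Linux domU is a
# classic PV guest or an HVM/PVH guest. Only an HVM/PVH guest can mitigate
# CVE-2017-5754 (Meltdown) in its own kernel with KPTI, as the cover letter notes.

# XENFEAT_auto_translated_physmap is bit 2 of the feature word (assumption
# based on Xen's public features.h); it is set for HVM/PVH, clear for PV.
XENFEAT_AUTO_TRANSLATED_PHYSMAP=2

# xen_domu_mode HEXWORD
#   Takes the feature word as printed by /sys/hypervisor/properties/features
#   (eight hex digits, no 0x prefix) and prints "hvm-or-pvh" or "pv".
xen_domu_mode() {
    feat=$1
    # Shell arithmetic accepts 0x-prefixed hex; test the single bit.
    if [ $(( (0x$feat >> XENFEAT_AUTO_TRANSLATED_PHYSMAP) & 1 )) -eq 1 ]; then
        echo hvm-or-pvh
    else
        echo pv
    fi
}

# check_running_guest
#   Reads the live sysfs files on a Xen guest and explains what the mode means
#   for CVE-2017-5754. Returns 1 when not running under Xen at all.
check_running_guest() {
    if [ "$(cat /sys/hypervisor/type 2>/dev/null)" != "xen" ]; then
        echo "not a Xen guest (no /sys/hypervisor/type = xen)" >&2
        return 1
    fi
    mode=$(xen_domu_mode "$(cat /sys/hypervisor/properties/features)")
    case $mode in
        pv)
            echo "PV guest: this kernel cannot apply KPTI against CVE-2017-5754;"
            echo "host isolation depends on the hypervisor side (e.g. a PV shim such as Vixen)."
            ;;
        *)
            echo "HVM/PVH guest: this kernel can apply KPTI itself."
            ;;
    esac
}
```

Source the file and call `check_running_guest` on the guest in question; `xen_domu_mode` is kept separate so the bit test can be exercised on constructed feature words without being on a Xen system.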