[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Clarification on security advisory

On Fri, Jan 12, 2018 at 7:30 PM,  <who.are.you@xxxxxxxxx> wrote:
>> ======
>> Xen guests may be able to infer the contents of arbitrary host memory,
>> including memory assigned to other guests.
> So an exploit utilised within one Dom-U can then go on to exploit another 
> Dom-U. This is easy to read.
>> Additionally, in general, attacks within a guest (from guest user to
>> guest kernel) will be the same as on real hardware.  Consult your
>> operating system provider for more information.
> I really don't understand the meaning of this.
> Does this mean that a Dom-U exploit can then go on to exploit the Dom-0 too?
> A Dom-U exploit == a baremetal exploit?

No.  If you're running Linux in an HVM guest, and your Linux kernel
doesn't have the KPTI patches, then a userspace process ("guest user")
can use Meltdown to attack the kernel ("guest kernel").

In other words, to protect your systems from Meltdown, you need to do
two things:
1. Move your PV Linux guests to HVM or PVH
2. Install the Linux KPTI patches / Windows Meltdown hotfixes.


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.