WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
xen-devel

Re: [Xen-devel] HT Vulnerability CAN-2005-0109

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-devel] HT Vulnerability CAN-2005-0109
From: "Jonathan S. Shapiro" <shap@xxxxxxxxxxx>
Date: Wed, 18 May 2005 11:27:00 -0400

> Is it possible that two domain kernels running on the same physical core
> but on different ht threads leak information to each other exploiting
> this covert/side channels?

It is possible. When exploited, this is a fairly high bandwidth channel. It is
possible for the nucleus to prevent this through page coloring.

All that being said, future processors are moving from HT to multicore. The
problem then migrates to the L2 cache, where coloring is much less effective.
It is unlikely that there exists any satisfactory solution short of flushing
or disabling the cache, neither of which is pragmatically viable.

Current high assurance requirements don't require that you solve the channel
problem. They require that you characterize them and make a reasonable effort
to minimize them.

Shap

