[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Impact of HW vulnerabilities & Implications on Security Vulnerability Process

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
From: Stefano Stabellini <sstabellini@xxxxxxxxxx>
Date: Wed, 7 Sep 2016 15:01:59 -0700 (PDT)
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Lars Kurth <lars.kurth.xen@xxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, committers@xxxxxxxxxxxxxx, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Meng Xu <xumengpanda@xxxxxxxxx>
Delivery-date: Wed, 07 Sep 2016 22:02:12 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Wed, 7 Sep 2016, Andrew Cooper wrote:
> On 07/09/2016 22:02, Stefano Stabellini wrote:
> > On Wed, 7 Sep 2016, Meng Xu wrote:
> >> On Wed, Sep 7, 2016 at 3:08 PM, Stefano Stabellini
> >> <sstabellini@xxxxxxxxxx> wrote:
> >>> On Wed, 7 Sep 2016, Ian Jackson wrote:
> >>>>> Technical
> >>>>> =========
> >>>>> On the technical front, it would be good to understand whether
> >>>>> a) This is a real threat and whether thus, we as a community need to
> >>>>>    take action
> >>>> It is unclear what action the Xen upstream community can usefully
> >>>> take, other than providing users with information.
> >>>>
> >>>> But, users with deployments on actual hardware ought to try to find
> >>>> out whether they are vulnerable.  If they are then they could seek
> >>>> replacement non-faulty hardware from their vendor, or take unpleasant
> >>>> migitation measures (like switching to HVM, perhaps).
> >>> How difficult is to check for it?
> >>>
> >>> Is there a simple test, maybe a little executable, that users could use
> >>> to find out whether their ram is vulnerable? That would be extremely
> >>> valuable.
> >> Google does have a github repo to do the rowhammer test:
> >> https://github.com/google/rowhammer-test
> > Nice! It would be good to document this in a Xen Project document
> > somewhere.
> >
> > The code is small enough that we could even consider pulling it in Xen
> > and running it at boot time (obviously it would be a kconfig option to
> > compile and a xen command line option to run the test). In case of
> > failure we could WARN the sysadmin and refuse to continue.
> 
> -10 for any code in the hypervisor.  That is a knee-jerk reaction.  By
> the same logic, we should also embed memtest and run that during boot.

The difference is that errors typically caught by memtest, such as bad
ram regions, don't end up causing privilege escalations.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- [Xen-devel] Impact of HW vulnerabilities & Implications on Security Vulnerability Process
  - From: Lars Kurth
- Re: [Xen-devel] Impact of HW vulnerabilities & Implications on Security Vulnerability Process
  - From: Ian Jackson
- Re: [Xen-devel] Impact of HW vulnerabilities & Implications on Security Vulnerability Process
  - From: Stefano Stabellini
- Re: [Xen-devel] Impact of HW vulnerabilities & Implications on Security Vulnerability Process
  - From: Meng Xu
- Re: [Xen-devel] Impact of HW vulnerabilities & Implications on Security Vulnerability Process
  - From: Stefano Stabellini
- Re: [Xen-devel] Impact of HW vulnerabilities & Implications on Security Vulnerability Process
  - From: Andrew Cooper

Prev by Date: Re: [Xen-devel] [PATCH v6 2/2] qdisk - hw/block/xen_disk: grant copy implementation
Next by Date: [Xen-devel] [PATCH Altp2m cleanup v4 2/4] altp2m cleanup work
Previous by thread: Re: [Xen-devel] Impact of HW vulnerabilities & Implications on Security Vulnerability Process
Next by thread: Re: [Xen-devel] Impact of HW vulnerabilities & Implications on Security Vulnerability Process
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.