|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v3 1/2] x86: Meltdown band-aid against malicious 64-bit PV guests
On 16/01/18 17:28, Andy Smith wrote: > Hi Jan, > > On Tue, Jan 16, 2018 at 08:21:52AM -0700, Jan Beulich wrote: >> This is a very simplistic change limiting the amount of memory a running >> 64-bit PV guest has mapped (and hence available for attacking): Only the >> mappings of stack, IDT, and TSS are being cloned from the direct map >> into per-CPU page tables. > Can this be used with Comet/Vixen to further protect PV guests? i.e. > if the shim hypervisor has these changes then will it also limit > what a process in the PV guest can see in that shim hypervisor, > which therefore protects its own guest kernel a bit too? Yes. ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |