[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] SUPPORT.md: Un-shimmed 32-bit PV guests are no longer supported


  • To: <security@xxxxxxxxxxxxxx>
  • From: George Dunlap <george.dunlap@xxxxxxxxxx>
  • Date: Thu, 6 May 2021 13:29:15 +0100
  • Authentication-results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none
  • Cc: <xen-devel@xxxxxxxxxxxxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>
  • Delivery-date: Thu, 06 May 2021 12:29:28 +0000
  • Ironport-hdrordr: A9a23:O7CUia+1rRAioC+WOSFuk+DWI+orL9Y04lQ7vn2YSXRuE/Bw8P re+8jztCWE8Qr5N0tQ+uxoVJPufZq+z+8Q3WByB8bBYOCOggLBR+sOgbcKqweQfREWndQ86U 4PScZD4aXLfD1Hsfo=
  • Ironport-sdr: 23lC3dv3tj/qmPSffcLyqiz6SurvbL6V1iiNBgWW4MKWKsHSq0CDg6TRrAvOcsWLlK4o29m/Ke GDsOxqw0f0giscR2Po8TV9207lGjj7YUfcBduZ73ctrsG/kZX99+AO3xeOg+MWDKulqwqn7lSn rP82/Ev67pVIDCzcmKAv5YlSd06cV2qzCY3vEee2O1bULJx6yNWzN3R9Qa4bQo55xYmAgOeB+n IF1CAPPalh1aSVp7VZIR3dj8vtznPtwYtlsT6OeTF1XUCZzuiSfWfU+ZdSLr6eRqOFzsLIexcy BPg=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

The support status of 32-bit guests doesn't seem particularly useful.

Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx>
---

NB this patch should be considered a proposal to the community, as a
follow-on to XSA-370.  As mentioned in the advisory, we will wait
until 25 May for comments before checking it in.
---
 SUPPORT.md | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/SUPPORT.md b/SUPPORT.md
index d0d4fc6f4f..a29680e04c 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -86,14 +86,7 @@ No hardware requirements
 
     Status, x86_64: Supported
     Status, x86_32, shim: Supported
-    Status, x86_32, without shim: Supported, with caveats
-
-Due to architectural limitations,
-32-bit PV guests must be assumed to be able to read arbitrary host memory
-using speculative execution attacks.
-Advisories will continue to be issued
-for new vulnerabilities related to un-shimmed 32-bit PV guests
-enabling denial-of-service attacks or privilege escalation attacks.
+    Status, x86_32, without shim: Supported, not security supported
 
 ### x86/HVM
 
-- 
2.30.2




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.