lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <5D00D1A602000078002376A9@prv1-mh.provo.novell.com>
Date:   Wed, 12 Jun 2019 04:19:18 -0600
From:   "Jan Beulich" <JBeulich@...e.com>
To:     "Juergen Gross" <jgross@...e.com>
Cc:     "Borislav Petkov" <bp@...en8.de>,
        "Stefano Stabellini" <sstabellini@...nel.org>,
        "the arch/x86 maintainers" <x86@...nel.org>, <tglx@...utronix.de>,
        "xen-devel" <xen-devel@...ts.xenproject.org>,
        "Boris Ostrovsky" <boris.ostrovsky@...cle.com>, <mingo@...hat.com>,
        <linux-kernel@...r.kernel.org>, <hpa@...or.com>
Subject: Re: [Xen-devel] [PATCH] x86/xen: disable nosmt in Xen guests

>>> On 12.06.19 at 12:12, <jgross@...e.com> wrote:
> When running as a Xen guest selecting "nosmt" either via command line
> or implicitly via default settings makes no sense, as the guest has no
> clue about the real system topology it is running on. With Xen it is
> the hypervisor's job to ensure the proper bug mitigations are active
> regarding smt settings.

I don't agree with the second sentence: It is in principle fine for the
hypervisor to expose HT (i.e. not disable it as bug mitigation), and
leave it to the guest kernels to protect themselves. We're just not
at the point yet where Xen offers sufficient / reliable data to guest
kernels to do so, so _for the time being_ what you say is correct.

Jan


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ