From: Tim Deegan <Tim.Deegan@citrix.com>
To: "Cihula, Joseph" <joseph.cihula@intel.com>
Cc: Ian Campbell <Ian.Campbell@eu.citrix.com>,
	"xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>
Subject: Re: Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI
Date: Tue, 24 May 2011 10:03:37 +0100
Message-ID: <20110524090337.GA10643@whitby.uk.xensource.com>
In-Reply-To: <4F65016F6CB04E49BFFA15D4F7B798D901B77B5973@orsmsx506.amr.corp.intel.com>

At 22:35 +0100 on 23 May (1306190138), Cihula, Joseph wrote:
> > This is exactly the behaviour we already have if you don't have an iommu at all.  The installer
> > already needs to figure out whether there's an IOMMU, or make it optional.
> > 
> > If you really want to rely on TXT and Xen to mutually secure each other, then as far as I can see
> > you _need_ an interrupt remapper in all your supported hardware.  That being the case, iommu=force
> 
> Let me take one more shot at this, since no one has yet refuted my
> original points.
> 
> Why do you *need* IR to have a secure Xen w/ TXT?  Certainly a DoS is
> very undesirable, but that is not really a security issue.  Tell me
> what security exploits are still possible with the current patches.

The Invisible Things paper lists a selection of possible attack vectors.  
That they only developed and disclosed one actual exploit is, AIUI, as
much a question of manpower as anything else.  I haven't seen any
analysis from Intel to suggest otherwise.

I think Ian's latest patch is the right thing to do.  But since I'm not
a maintainer of that piece of code, and since in practice the decision
will be made for most people by product and distro engineers anyway, I'm
not going to chase this thread around any more.

Cheers,

Tim.

-- 
Tim Deegan <Tim.Deegan@citrix.com>
Principal Software Engineer, Xen Platform Team
Citrix Systems UK Ltd.  (Company #02937203, SL9 0BG)

