From mboxrd@z Thu Jan 1 00:00:00 1970 From: Joanna Rutkowska Subject: Re: Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI Date: Fri, 13 May 2011 13:20:45 +0200 Message-ID: <4DCD140D.9000108@invisiblethingslab.com> References: <19915.58644.191837.671729@mariner.uk.xensource.com> <4DCD030902000078000412C8@vpn.id2.novell.com> <4DCD1120.5020606@invisiblethingslab.com> <1305285108.31488.105.camel@zakaz.uk.xensource.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0437389055==" Return-path: In-Reply-To: <1305285108.31488.105.camel@zakaz.uk.xensource.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Ian Campbell Cc: Ian Jackson , "xen-devel@lists.xensource.com" , Keir Fraser , Jan Beulich List-Id: xen-devel@lists.xenproject.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0437389055== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig33DDE860305C54DB2E3917F5" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig33DDE860305C54DB2E3917F5 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 05/13/11 13:11, Ian Campbell wrote: > On Fri, 2011-05-13 at 12:08 +0100, Joanna Rutkowska wrote: >> On 05/13/11 10:08, Jan Beulich wrote: >=20 >>> Finally, wouldn't killing all guests that potentially could have caus= ed >>> the problem be a better measure than bringing down the host? >>> >> >> Killing the guest might no longer be enough, because the guest might >> have already programmed the device to keep sending malicious MSIs. >=20 > Is it even possible to know which guest triggered the MSI, or is the > best you can do the set of all guests with an MSI capable device passed= > through? >=20 Ah, probably you're right -- if we have more than one driver domain, then I think LAPIC would not tell us which device genrated the MSI. In fact it's not really correct to assume that it must have been a guest with a "MSI capable device" -- note that we don't trigger the MSI via the official MSI triggering mechanism. joanna. --------------enig33DDE860305C54DB2E3917F5 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJNzRQNAAoJEDaIqHeRBUM0Z7UIAJPVL5BRc0AwyIOLd4S8GaZO lO/DFkP8lDigu5N4pcYT0paHHBq0IyOuqEqCEZYZ+uK/fyHaH8KxcD33/bXZ8umD wX+BYHRbW2nnn3qTdSbTzut5EQwlHFYZYmb5zmxN1wM4AbHM1mh+g2eOg9EdYcg7 SU7JBKmsW+fXfBcgQUnry6cY+O8GPXD3Ny+319qEubE/1CXdXs03pAxAgXcFZEQx 6FKS8neSgitgr1WRx1C3Y3A/5NuddHA8cdan0Av8poIZpTo8g/Skgh7X4vOhseKH ctGLKkJ6btkpcKlJ3WTVW9yIGG0LKRMireULJJXUXjuOabokYtDq8YlFCQqHOIU= =yNkj -----END PGP SIGNATURE----- --------------enig33DDE860305C54DB2E3917F5-- --===============0437389055== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel --===============0437389055==--