WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
 
   
 

xen-devel

Re: [Xen-devel] HT Vulnerability CAN-2005-0109

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-devel] HT Vulnerability CAN-2005-0109
From: David Hopwood <david.nospam.hopwood@xxxxxxxxxxxxxxxx>
Date: Thu, 19 May 2005 00:09:21 +0100

Mark Williamson wrote:
>> Just stumbled on /. upon CAN-2005-0109 and wonder if xen is affected:
>>
>>  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0109>
>>  <http://www.daemonology.net/hyperthreading-considered-harmful/>
>
> This vulnerability could (in principle) affect isolation between Xen VMs. It's not clear how exploitable it is, though.

It's clear that it is very exploitable.

> Covert channels will *always* be there.

Yes. As you say, the problem is the side channel attack, not the covert
channel.

> Someone has yet to release code that'll actually exploit these theoretical holes, so it's not clear how big a problem it is in practice.

Huh? That sounds like something I would expect to hear from a Microsoft
marketroid. The paper includes code for the side channel attack (Figure 1
in <http://www.daemonology.net/papers/htt.pdf>), and even if it didn't, it
would be easy to replicate.

--
David Hopwood <david.nospam.hopwood@xxxxxxxxxxxxxxxx>

