SRU request submitted:
https://lists.ubuntu.com/archives/kernel-team/2018-October/095982.html
** Description changed:
+ == SRU Justification ==
+ This patch has been requested by IBM. It provides a mode where all vCPUs
+ on a core must be the same VM. This is intended for use in
+ security-conscious settings where users are concerned about possible
+ side-channel attacks between threads which could perhaps enable one VM
+ to attack another VM on the same core, or the host.
+
+ == Fix ==
+ linux-next commit:
+ aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
+
+
+ == Regression Potential ==
+ Low. Changes limited to powerpc.
+
+ == Test Case ==
+ A test kernel was built with this patch and tested by the original bug
reporter.
+ The bug reporter states the test kernel resolved the bug.
+
+
+
== Comment: #0 - Leonardo Augusto Guimaraes Garcia <lagar...@br.ibm.com> -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users are
concerned about possible side-channel attacks between threads which
could perhaps enable one VM to attack another VM on the same core, or
the host.
** Also affects: linux (Ubuntu Cosmic)
Importance: Medium
Assignee: Joseph Salisbury (jsalisbury)
Status: In Progress
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
In Progress
Status in linux source package in Cosmic:
In Progress
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia <lagar...@br.ibm.com> -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
