On Wed, January 10, 2018 10:21 pm, Vít Šesták wrote: > Meltdown can be mitigated by using HVM/PVH. If you look at the XSA, they > also have prepared PV-in-PVH mode that mitigates it also for PVs. (This
I pointed this one out too last week, sounds interesting. > probably won't work for CPUs without VT-x/AMD-v, but those are rare > today. It also probably won't work for VMs with PCI devices if system > does not support IOMMU (AKA VT-d), but in this case, you are already > doomed due to DMA attacks.) So, Meltdown seems to be easily mitigated, it > is just matter of time. > > It seems that PV-in-PVH is going to fix some other issues. IIUC, it > should mitigate all PV-specific vulnerabilities and even bring PVH for > stubdoms, which sounds as a nice side effect of Meltdown fix. Agreed. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8c3f5d490882d44d305d6fa4853ac70f.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
