On Wed, Sep 1, 2021 at 5:34 AM Xen.org security team <[email protected]> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Xen Security Advisory CVE-2021-28694,CVE-2021-28695,CVE-2021-28696 / XSA-378 > version 3 > > IOMMU page mapping issues on x86 > > UPDATES IN VERSION 3 > ==================== > > Warn about dom0=pvh breakage in Resolution section. > > ISSUE DESCRIPTION > ================= > > Both AMD and Intel allow ACPI tables to specify regions of memory > which should be left untranslated, which typically means these > addresses should pass the translation phase unaltered. While these > are typically device specific ACPI properties, they can also be > specified to apply to a range of devices, or even all devices. > > On all systems with such regions Xen failed to prevent guests from > undoing/replacing such mappings (CVE-2021-28694).
Hi, Is there a way to identify if a system's ACPI tables have untranslated regions? Does it show up in xen or linux dmesg or can it be identified in sysfs? Thanks, Jason
