[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] Virtio-net drivers immune to Nethammer?
From: |
Michael S. Tsirkin |
Subject: |
Re: [Qemu-devel] Virtio-net drivers immune to Nethammer? |
Date: |
Fri, 1 Jun 2018 18:58:20 +0300 |
On Fri, Jun 01, 2018 at 01:15:44PM +0000, procmem wrote:
>
>
> Stefan Hajnoczi:
> > On Mon, May 21, 2018 at 11:24:43PM +0000, procmem wrote:
> >> Hi I'm a privacy distro maintainer investigating the implications of the
> >> newly published nethammer attack [0] on KVM guests particularly the
> >> virtio-net drivers. The summary of the paper is that rowhammer can be
> >> remotely triggered by feeding susceptible* network driver crafted
> >> traffic. This attack can do all kinds of nasty things such as modifying
> >> SSL certs on the victim system.
> >>
> >> * Susceptible drivers are those relying on Intel CAT, uncached memory or
> >> the clflush instruction.
> >>
> >> My question is, do virtio-net drivers do any of these things?
> > I have CCed Michael Tsirkin and Jason Wang, the virtio maintainers.
> >
> >> ***
> >>
> >> [0] https://arxiv.org/abs/1805.04956
> >>
> >>
> >>
>
> Thanks :) I thought my message was forgotten
I don't think virtio is using either of these.
Linux does support CAT AFAIK but it has nothing to do with virtio.
--
MST