Hardening agains Meltdown and Spectre

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Hardening agains Meltdown and Spectre

Patrick Noack

Hi all,

I am still unsure, if its enough to patch all virtual-machines running on a Xenserver to harden agains Meltdown and Spectre Attacks. Does the system stay vulnerable, if the Xenserver itself isn't running a patched kernel, when all the VMs are uptodate?

Thanks in advance, Patrick


_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xenproject.org/mailman/listinfo/xen-users
Reply | Threaded
Open this post in threaded view
|

Re: Hardening agains Meltdown and Spectre

Dario Faggioli
On Fri, 2018-01-05 at 19:20 +0100, Patrick Noack wrote:
> Hi all,
>
Hi,

> I am still unsure, if its enough to patch all virtual-machines
> running on a Xenserver to harden agains Meltdown and Spectre Attacks.
>
If you are talking about XenServer --the Citrix product-- you should
ask on their forums/support channels.

A quick google search brought up this for me:
https://support.citrix.com/article/CTX231390

If you're talking about Xen-Project, then it's fine to discuss this
here. A more than good starting point would be:
https://blog.xenproject.org/2018/01/04/xen-project-spectremeltdown-faq/

Dario
--
<<This happens because I choose it to happen!>> (Raistlin Majere)
-----------------------------------------------------------------
Dario Faggioli, Ph.D, http://about.me/dario.faggioli
_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xenproject.org/mailman/listinfo/xen-users

signature.asc (849 bytes) Download Attachment