On Fri, Jun 01, 2018 at 01:15:44PM +0000, procmem wrote: > > > Stefan Hajnoczi: > > On Mon, May 21, 2018 at 11:24:43PM +0000, procmem wrote: > >> Hi I'm a privacy distro maintainer investigating the implications of the > >> newly published nethammer attack [0] on KVM guests particularly the > >> virtio-net drivers. The summary of the paper is that rowhammer can be > >> remotely triggered by feeding susceptible* network driver crafted > >> traffic. This attack can do all kinds of nasty things such as modifying > >> SSL certs on the victim system. > >> > >> * Susceptible drivers are those relying on Intel CAT, uncached memory or > >> the clflush instruction. > >> > >> My question is, do virtio-net drivers do any of these things? > > I have CCed Michael Tsirkin and Jason Wang, the virtio maintainers. > > > >> *** > >> > >> [0] https://arxiv.org/abs/1805.04956 > >> > >> > >> > > Thanks :) I thought my message was forgotten
I don't think virtio is using either of these. Linux does support CAT AFAIK but it has nothing to do with virtio. -- MST
