Re: [bitfolk] Spectre / Meltdown CPU bugs - short notice reb…

Author: Richard Glynos
Date:  
To: users, Andy Smith, announce
Subject: Re: [bitfolk] Spectre / Meltdown CPU bugs - short notice reboots will be needed, little other info yet
I, like many others I am sure, really appreciate your clear communication on this subject, Andy, sensible consideration of options and plans for moving forward.

Cheers,

Richard.

On 11 January 2018 22:39:44 CET, Andy Smith <andy@???> wrote:
>On Thu, Jan 04, 2018 at 03:23:45PM +0000, Andy Smith wrote:
>> I will post again when there is any useful information.
>
>https://xenbits.xen.org/xsa/advisory-254.html
>
>A technical update follows. The non-technical version of it is:
>
>The Xen Project have released a mitigation for one of the three bugs
>("Meltdown") which I will be reviewing over the next couple of days.
>They also have a different mitigation for the same bug, which they
>aren't quite ready with, but I do like the sound of that one a bit
>more so might end up going with that one.
>
>It seems likely that there will be some required reboots early next
>week.
>
>The more technical version:
>
>The Xen Project have updated the XSA notice with a mitigation for
>Meltdown that involves converting all the guests so they still run
>as PV mode but inside HVM containers ("Vixen"). That would mitigate
>the Meltdown bug for Xen, although the guests would still need their
>KPTI patches.
>
>I don't like the HVM aspect of it but as it is what is available
>now, I will spend the next couple of days looking into it, and it
>may get deployed over the weekend or early next week.
>
>The other resolution is to backport the PVHv2 Xen mode back from Xen
>4.10 to 4.8 and then either use that directly (PVHv2 requires
>reasonably new guest kernels) or else again run them as PV-in-PVH.
>Although I prefer the sound of this, they aren't ready with it yet,
>and it hasn't received as much testing yet. Vixen comes from Amazon
>and is apparently what every PV-mode AWS VM is running under.
>
>If we end up going with Vixen then host reboots won't initially be
>required, as it is something that guests reboot into.
>
>Please be aware however that on BitFolk's side there are going to be
>both BIOS updates and CPU microcode updates to come, which will be
>necessary for later kernel-based fixes to work, so there will
>definitely be at least one set of host reboots some time soon.
>
>Cheers,
>Andy
>
>--
>https://bitfolk.com/ -- No-nonsense VPS hosting