|
|
|
|
|
|
by yjftsjthsd-h
259 days ago
|
|
|
Since the attack does work cross-VM with KVM, it would then seem that Xen really has two advantages, and it kinda only got out unscathed because of the combination of both: * management stuff mostly lives in Dom0 * Xen does the flushes to protect VMs from each other If you didn't do the first, then attacks on the host might work, and if you didn't do the second then attacks on Dom0 might work, but the combination blocks both vectors. Is that about right? |
|
|