undefined | Better HN

0 pointszorpner11y ago0 comments

(Compared to, running the same software on the same hardware using a single OS). I don't think so.

If you had been running an OpenBSD instance on hardware as a single OS, you would not be vulnerable to having your system's memory read by this hypervisor bug. So... yes.

0 comments

7 comments · 3 top-level

amluto11y ago· 2 in thread

This is nonsense.

A single OpenBSD kernel on bare metal can do whatever it pleases.

A Linux kernel on Xen HVM could, due to this bug, do slightly more than it ought to have been able to do.

(In this sense, the LLDT bug was worse.)

zorpnerOP11y ago

You have an incoherent mental threat model of this. Those two systems are functionally identical to the end user to which they are being sold, but one is vulnerable (in this specific way) to the actions of other customers with the same service provider.

amluto11y ago

This has nothing to do with threat models and everything to do with usecases that make no sense on OpenBSD.

With OpenBSD on bare metal, you are not vulnerable to other users of the same bare metal, because there aren't any.

With Linux on bare metal, you are not vulnerable to other users of the same bare metal, because there aren't any.

With Linux on Xen, you are reasonably resistant to other users of the same bare metal (and XSA-108 wasn't even all that severe).

With OpenBSD on Xen... oh, wait.

1 more reply

comex11y ago· 2 in thread

Every kernel (not named seL4) has vulnerabilities. The question is not whether OpenBSD would have been vulnerable to this specific issue, but whether Xen generally has fewer bugs than the OpenBSD kernel - or, for that matter, the Linux kernel, since the grandparent mentioned a bunch of Linux sandboxing technologies.

edit: To be absolutely clear, per the grandparent, I'm assuming an environment where unrelated people are running software on the same hardware, either using their own kernel under Xen or user processes under jails.

amluto11y ago

And if any thinks that the awesome perfection of OpenBSD's authors outweighs the vastly smaller attack surface of something like Xen, I think that they're deluding themselves.

ris11y ago

"the vastly smaller attack surface of something like Xen"

Um, citation needed. The exact behaviour of the entire x86 supervisor mode instruction set is not remotely a "small attack surface".

2 more replies

rodgerd11y ago

I'll take the world where we have the odd hypervisor vulnerability over the world where we have to increase power output by multiple orders of magnitudes and pave the planet with datacentres to run every service as a single-instance, non-virtualised server.

I guess Theo prefers runaway global warming to the odd data breach. Which makes him the idiot, to use his own language.

j / k navigate · click thread line to collapse

0 comments

7 comments · 3 top-level

amluto11y ago· 2 in thread

This is nonsense.

A single OpenBSD kernel on bare metal can do whatever it pleases.

A Linux kernel on Xen HVM could, due to this bug, do slightly more than it ought to have been able to do.

(In this sense, the LLDT bug was worse.)

zorpnerOP11y ago

amluto11y ago

This has nothing to do with threat models and everything to do with usecases that make no sense on OpenBSD.

With OpenBSD on bare metal, you are not vulnerable to other users of the same bare metal, because there aren't any.

With Linux on bare metal, you are not vulnerable to other users of the same bare metal, because there aren't any.

With Linux on Xen, you are reasonably resistant to other users of the same bare metal (and XSA-108 wasn't even all that severe).

With OpenBSD on Xen... oh, wait.

1 more reply

comex11y ago· 2 in thread

amluto11y ago

And if any thinks that the awesome perfection of OpenBSD's authors outweighs the vastly smaller attack surface of something like Xen, I think that they're deluding themselves.

ris11y ago

"the vastly smaller attack surface of something like Xen"

Um, citation needed. The exact behaviour of the entire x86 supervisor mode instruction set is not remotely a "small attack surface".

2 more replies

rodgerd11y ago

I guess Theo prefers runaway global warming to the odd data breach. Which makes him the idiot, to use his own language.

j / k navigate · click thread line to collapse