[GTALUG] python sweetness — The mysterious case of the Linux Page Table
dhaval.giani at gmail.com
Thu Jan 4 00:08:16 EST 2018
On Wed, Jan 3, 2018 at 11:59 PM Russell Reiter <rreiter91 at gmail.com> wrote:
> On January 3, 2018 10:56:30 PM EST, Dhaval Giani <dhaval.giani at gmail.com>
> >gives the gory details
> >At this point, I cannot stress on how important it is to update your
> >systems as soon as your distribution ships them. I am hoping this
> >remains to be a once in a lifetime event.
> I admire your optimism. To me it looks like this is a kind of example of
> feeping creaturisim in hypervisor's; not necessarily an easy patch.
I am unsure what you are implying. This is a hardware issue which has been
fixed in software. There are exploits out already that I am seeing able to
run through your web browser. This is serious stuff. Also unsure what this
has to do with hypervisors apart from them also needing to mitigate this
> The idea of the necessity of some sort of kernel isolation has been around
> for quite a while. In part as a response to the ease with which userland
> interpreters can polute kernelspace.
> I've read that some of the proposed solutions could add as much as a 30%
> operational overhead. Not much of an issue for average home users but for
> enterprise this could be a real game changer.
The 30% overhead is for a pathological case. A 5-10% overhead is more
likely. And do you honestly think that upstream is not going to work on
getting that overhead down?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the talk