Dario Faggioli
@ SUSE
Dario’s first contact with Open Source was with the Linux kernel community, during his Ph.D. on real-time systems. He now works for SUSE, in the virtualization team, on both the Xen and KVM hypervisors. His focus is on low-level (kernel and hypervisor) components, but he does some userspace coding from time to time. In 2010 (during the Ph.D.) he was invited to talk about real-time scheduling at the Linux Kernel Summit. Since 2012, he has given talks and presentations about his work on Xen at various conferences and events, such as Linux Plumbers Conference, Xen Project Developers Summit and FOSDEM.
Talks
2018 | Virtualization in the age of speculative execution hardware bugs | 45'
Can you possibly *speculate* how badly the *spectre* of the hardware bugs, recently discovered in microprocessors, haunts virtualized systems (like Xen & KVM)? Are things fine, or is everything going to *meltdown*? Come to the talk, and let’s discuss this together…
At the beginning of 2018, Meltdown and Spectre taught us that speculative execution can, from deep down inside our super fast processors, pose some security concerns. During the following months, more Spectre variants, L1TF, etc., taught us how seriously such concerns needed to be taken.
One of the interesting things about this class of security issues is that they do not come, like most bugs, from someone’s “mistake”. In fact, they represent the failure of fundamental assumptions that CPU designers have been relying on for years.
This talk will give a quick overview of speculative execution, and of how the attacks work, at a high level. Then, it will go through how these vulnerabilities could be exploited in virtualized environments. It will also try to explain what the main mitigations are, and how they work, for the two main Open Source virtualization solutions, Xen and KVM.