Nicolai Stange, Author at SUSE Communities

May 7, 2018 1:54 pm

2,081 views

Live Patching Meltdown – SUSE Engineer’s research project (Part 4 – The Conclusion)

Now that everything has been set to go as described in Part 1 (Key technical obstacles for Live Patching Meltdown), Part 2 (Virtual address mappings and the Meltdown vulnerability) and Part 3 (Changes needed for Translation Lookaside Buffer (TLB) flushing primitives), the last missing piece is to actually replace the entry code and make it […]

Tags: kGraft, Live Patching, Meltdown

Categories: SUSE Linux Enterprise Live Patching

By: Nicolai Stange

May 4, 2018 12:20 pm

1,822 views

Live Patching Meltdown – SUSE Engineer’s research project (Part 3)

Building upon the Part 1 (Key technical obstacles for Live Patching Meltdown) and the Part 2 (Virtual address mappings and the Meltdown vulnerability), let's now address the needed changes to the TLB flushing primitives. In order to resolve virtual to physical addresses, a CPU must traverse the page table tree. This is a costly […]

Tags: kGraft, Live Patching, Meltdown

Categories: SUSE Linux Enterprise Live Patching

By: Nicolai Stange

May 3, 2018 11:59 am

2,004 views

Live Patching Meltdown – SUSE Engineer’s research project (Part 2)

Following up on the Part 1 about key technical obstacles for Live Patching Meltdown, in this blog I will give you some background on virtual address mappings in context of the Meltdown vulnerability and look at patching kGraft itself! Virtually mapped memory is a protection feature provided by the CPU, orthogonal to the privilege separation […]

Tags: kGraft, Live Patching, Meltdown

Categories: SUSE Linux Enterprise Live Patching

By: Nicolai Stange

May 2, 2018 2:37 pm

4,405 views

Live Patching Meltdown – SUSE Engineer’s research project (Part 1)

Meltdown is one of the biggest and complex security vulnerabilities that happened recently and impacted almost everyone. I am a SUSE live patching engineer and wanted to share with you how unique fixing this vulnerability was in terms of scope and complexity. My goal was to see if I could also create a live patch […]

Tags: kGraft, Live Patching, Meltdown

Categories: SUSE Linux Enterprise Live Patching

Author: Nicolai Stange

Live Patching Meltdown – SUSE Engineer’s research project (Part 4 – The Conclusion)

Live Patching Meltdown – SUSE Engineer’s research project (Part 3)

Live Patching Meltdown – SUSE Engineer’s research project (Part 2)

Live Patching Meltdown – SUSE Engineer’s research project (Part 1)

Section Title

Search

Social Media

Recent Posts Title

Recent Blog Posts

Recent Posts

Popular Posts Title

Popular Blog Posts

Popular Posts

Categories

Archives

About Links

Author: Nicolai Stange

Live Patching Meltdown – SUSE Engineer’s research project (Part 4 – The Conclusion)

Live Patching Meltdown – SUSE Engineer’s research project (Part 3)

Live Patching Meltdown – SUSE Engineer’s research project (Part 2)

Live Patching Meltdown – SUSE Engineer’s research project (Part 1)

Section Title

Search

Social Media

Recent Posts Title

Recent Blog Posts

Recent Posts

Popular Posts Title

Popular Blog Posts

Popular Posts

Categories

Archives

About Links

Support Offerings

Global Services

Support Resources

Partners

Communities

About