Now that everything has been set to go as described in Part 1 (Key technical obstacles for Live Patching Meltdown), Part 2 (Virtual address mappings and the Meltdown vulnerability) and Part 3 (Changes needed for Translation Lookaside Buffer (TLB) flushing primitives), the last missing piece is to actually replace the entry code and make it […]
Tag: Meltdown
By:
May 7, 2018 1:54 pm
616 views
By:
May 4, 2018 12:20 pm
556 viewsLive Patching Meltdown – SUSE Engineer’s research project (Part 3)
Building upon the Part 1 (Key technical obstacles for Live Patching Meltdown) and the Part 2 (Virtual address mappings and the Meltdown vulnerability), let’s now address the needed changes to the TLB flushing primitives. In order to resolve virtual to physical addresses, a CPU must traverse the page table tree. This is a costly thing to […]
Tags: kGraft, Live Patching, Meltdown
Categories: SUSE Linux Enterprise Live Patching
By:
May 3, 2018 11:59 am
552 viewsLive Patching Meltdown – SUSE Engineer’s research project (Part 2)
Following up on the Part 1 about key technical obstacles for Live Patching Meltdown, in this blog I will give you some background on virtual address mappings in context of the Meltdown vulnerability and look at patching kGraft itself! Virtually mapped memory is a protection feature provided by the CPU, orthogonal to the privilege separation […]
Tags: kGraft, Live Patching, Meltdown
Categories: SUSE Linux Enterprise Live Patching
By:
May 2, 2018 2:37 pm
1,298 viewsLive Patching Meltdown – SUSE Engineer’s research project (Part 1)
Meltdown is one of the biggest and complex security vulnerabilities that happened recently and impacted almost everyone. I am a SUSE live patching engineer and wanted to share with you how unique fixing this vulnerability was in terms of scope and complexity. My goal was to see if I could also create a live patch […]
Tags: kGraft, Live Patching, Meltdown
Categories: SUSE Linux Enterprise Live Patching
By:
March 1, 2018 5:34 pm
731 viewsMeltdown / Spectre – a PM view
Now that some time has passed and we are through another round of patches / updates, here is a perspective on how handling the Meltdown and Spectre vulnerabilities looked. As of now, Meltdown and Spectre are mostly behind us. Well maybe not from a chip manufacturer perspective, but it is from a SUSE update perspective. Times […]
Categories: CSP, Server, SUSE in the Cloud, SUSE Linux Enterprise, SUSE Linux Enterprise Server
By:
January 4, 2018 7:58 am
71,110 viewsSUSE Addresses Meltdown and Spectre Vulnerabilities
Yesterday the security community and a number of IT vendors announced the existence of several hardware security vulnerabilities that allow potential exploits across a range of hardware architectures and operating systems including but not limited to Linux. https://meltdownattack.com/ SUSE engineers have been collaborating with our partners and the Linux community on upstream Linux kernel patches. […]
Tags: Meltdown, Security, Security Vulnerabilities, Spectre
Categories: Announcements, Compliance, Containers as a Service, Server, SUSE CaaS Platform, SUSE Linux Enterprise, SUSE Linux Enterprise Desktop, SUSE Linux Enterprise Server, SUSE News, Technical Solutions
Social Media
