ksmd should be opt-in rather than opt-out
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| qemu (Ubuntu) |
Confirmed
|
Undecided
|
Sergio Durigan Junior | ||
Bug Description
This was originally raised in https:/
> > +ksmd
>$
> I'm concerned about this change. Historically, the page-merging
> code has allowed cross-VM snooping, including even recovery of
> GnuPG private keys: https:/
>$
> Unless something has changed to mitigate the cross-domain privacy
> leaks in ksmd, it ought to be opt-in for administrators to select
> if all their VMs are in the same security domain.
There's a collection of references on Wikipedia https:/
I realize KSM is the difference between some workloads working and not working, so I'm not proposing that it be removed entirely. It has its place. But I also think it should be opt-in rather than opt-out.
Thanks
| Mitchell Dzurick (mitchdz) wrote | #1 |
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in qemu (Ubuntu): | |
| status: | New → Confirmed |
| Thomas Bechtold (toabctl) wrote | #3 |
| tags: | added: server-todo |
| Changed in qemu (Ubuntu): | |
| assignee: | nobody → Sergio Durigan Junior (sergiodj) |
Hi Seth, thanks for making the bug report!
Did you see Thomas' recent comment in the original bug? https:/
Does having it enabled only when installing ksmtuned good enough?