ksmd should be opt-in rather than opt-out
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
qemu (Ubuntu) | Confirmed | Undecided | Sergio Durigan Junior |
Bug Description
This was originally raised in https:/
> > +ksmd
>
> I'm concerned about this change. Historically, the page-merging
> code has allowed cross-VM snooping, including even recovery of
> GnuPG private keys: https:/
>
> Unless something has changed to mitigate the cross-domain privacy
> leaks in ksmd, it ought to be opt-in for administrators to select
> if all their VMs are in the same security domain.
There's a collection of references on Wikipedia https:/
I realize KSM is the difference between some workloads working and not working, so I'm not proposing that it be removed entirely. It has its place. But I also think it should be opt-in rather than opt-out.
Thanks
tags: added: server-todo
Changed in qemu (Ubuntu):
assignee: nobody → Sergio Durigan Junior (sergiodj)
Hi Seth, thanks for making the bug report!
Did you see Thomas' recent comment in the original bug? https://bugs.launchpad.net/cloud-images/+bug/2032933/comments/21
Is having it enabled only when installing ksmtuned good enough?