Hi,

On 13.06.2013 08:09, Peter Lieven wrote:
> I was thinking if it would be a good idea to zeroize all memory
> resources on system reset and
> madvise dontneed them afterwards.

The current way of not zeroing memory has led to discovery of some firmware bugs that we wouldn't have found if QEMU defaulted to zeroing.

> This would avoid system reset attacks
> in case the attacker
> has only access to the console of a vServer but not on the physical host
> and it would shrink
> RSS size of the vServer significantly.

Apart from the guest issue Stefan brought up (so far by definition we do a hard reset, so guests cannot assume soft reset semantics, but we should keep our options open), would not zeroing while marking pages as unused be an option? E.g., -reset-memory=DEADBEEF or some other command-line-specifiable pattern, absence would mean current behavior.

Regards,
Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
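
The three reset behaviours discussed in this thread, compared in an added example that is not part of the original mail and is not QEMU code. It assumes Linux and uses a private anonymous mapping as a stand-in for guest RAM; the `reset_policy` names, the helper functions and the sample secret are hypothetical.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE             /* MAP_ANONYMOUS, madvise() */
#endif
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

/* Hypothetical policies; RESET_PATTERN mirrors the suggested -reset-memory=DEADBEEF. */
enum reset_policy { RESET_KEEP, RESET_DISCARD, RESET_PATTERN };

/* Stand-in for guest RAM: private anonymous mapping (assumption, Linux). */
static unsigned char *ram_alloc(size_t len) {
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}

static int ram_reset(unsigned char *ram, size_t len, enum reset_policy pol, uint32_t pattern) {
    switch (pol) {
    case RESET_KEEP:                /* current behaviour: contents survive the reset */
        return 0;
    case RESET_DISCARD:             /* pages are dropped; the next access is zero-filled */
        return madvise(ram, len, MADV_DONTNEED);
    case RESET_PATTERN:             /* every page is rewritten, so it stays resident */
        for (size_t i = 0; i + sizeof pattern <= len; i += sizeof pattern)
            memcpy(ram + i, &pattern, sizeof pattern);
        return 0;
    }
    return -1;
}

/* Returns 1 if needle still occurs somewhere in RAM, else 0. */
static int ram_find(const unsigned char *ram, size_t len, const void *needle, size_t nlen) {
    for (size_t i = 0; i + nlen <= len; i++)
        if (memcmp(ram + i, needle, nlen) == 0) return 1;
    return 0;
}

int main(void) {
    static const char secret[] = "constructed-guest-secret";  /* constructed sample */
    size_t len = 64 * 4096;
    for (int pol = RESET_KEEP; pol <= RESET_PATTERN; pol++) {
        unsigned char *ram = ram_alloc(len);
        if (!ram) return 1;
        memcpy(ram + 5000, secret, sizeof secret);
        ram_reset(ram, len, (enum reset_policy)pol, 0xDEADBEEFu);
        printf("policy %d: secret %s\n", pol,
               ram_find(ram, len, secret, sizeof secret) ? "survives" : "gone");
        munmap(ram, len);
    }
    return 0;
}
```

Both `RESET_DISCARD` and `RESET_PATTERN` remove the old contents, but only the discard releases the pages; a pattern fill touches every page and keeps them resident.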