logoalt Hacker News

br0cephtoday at 5:54 PM1 replyview on HN

"If you operate an x86 KVM host that accepts multi-tenant guests and supports nested virtualization, or use an instance on top of one"

does this mean that you must have nested virtualization enabled to br vulnerable. does disabling this feature in the host os or bios, make you immune to this bug?


Replies

kurisufagtoday at 6:12 PM

Nested virtualization prompts the use of shadow paging (where the bug is), is my understanding, where non-nested cases use hardware accelerated translation instead.