I-Broadcom, ethe yafumana ishishini le-VMware kunyaka ophelileyo, yacebisa utshintsho oluninzi lokubandakanywa kwi-Linux kernel, yongeza kwi-KVM hypervisor ukukwazi ukuhambisa i-VMware hypercalls kwindawo yomsebenzisi kunye nokubonelela ngokusebenza ngokukhetha ukuvumela "VMWare backdoor" ujongano olusetyenziswa kwiparavirtualization. ukuthumela izicelo kwiinkqubo zeendwendwe kwindawo engqonge inginginya. Kuqatshelwe ukuba olu tshintsho luya kuvumela iimveliso ze-VMware ukuba zitshintshe ekusebenziseni i-hypervisor ye-KVM kwiqonga le-Linux kwaye iya kubonelela ngokukwazi ukuqhuba iinkqubo zeendwendwe ze-VMware ezingaguqukiyo zisebenzisa i-KVM.
Utshintsho lokuqala longeza inkxaso kwi-KVM yokubuyisela i-VMware-specific hypercalls kumphathi wendawo yomsebenzisi (kwiimveliso ze-VMware, ii-hypercalls zicutshungulwa kwindawo yomsebenzisi), ivumela oomatshini abakhelwe i-VMware ukuba baqhube ngaphandle kokusebenzisa iimodyuli ze-kernel okanye ukwenza utshintsho iimoto virtual.
Utshintsho lwesibini lubonelela ngamandla okuvumela i-VMWare backdoor interface kungekuphela nje kwinkqubo yonke ngeparameter yokuqalisa ekhoyo. kvm.enable_vmware_backdoor, kodwa nangokusebenza kwinqanaba le-hypervisor ngokunxulumene noomatshini ababonakalayo ngabanye.
UMichael Larabel ufumene isiqinisekiso esivela kwi-Broadcom sokuba i-Linux inguqulelo yeqonga le-virtualization ye-VMware Workstation workstations izimisele ukutshintshela ekusebenziseni i-hypervisor ye-KVM endaweni yekhowudi yayo yobunikazi. Ixesha lokugqiba ukutshintshela kwi-KVM alikacaciswanga kwaye kuxhomekeke ngokukhawuleza ukuba utshintsho oluyimfuneko ekusebenzeni kunye neendwendwe ze-VMware zibandakanyiwe kwi-kernel ephambili kwaye ziqale ukuthunyelwa kwiikiti zokuhambisa. Kucingelwa ukuba akuyi kubakho iingxaki ngokudityaniswa kweepatches, kuba azichaphazeli nantoni na ebalulekileyo kwaye zibandakanya kuphela imigca embalwa yekhowudi. Olona khetho lunethemba lokutshintsha kweVMware Workstation ukuya kwi-KVM kulo nyaka uzayo.
umthombo: opennet.ru
