Are you vulnerable to Flip Feng Shui? PowerCLI tells you!

Trying to find out if you are vulnerable to Flip Feng Shui on your VMware platform?

PowerCLI can tell you with a few commands.

As VMware tells us in https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2097593 that TPS is enabled under certain circumstances only in recent releases.

Specifically: If Mem.ShareForceSalting is 0, or if it is set to 1 and sched.mem.pshare.salt is not set, or if Mem.ShareForceSalting is set to 2, and sched.mem.pshare.salt or vc.uuid are not unique.

So how do we check this?

First: Mem.ShareForceSalting.

Get-VMHost|Get-AdvancedSetting -Name Mem.ShareForceSalting|ft Entity,Name,Value -AutoSize

Second: sched.mem.pshare.salt.

Get-VM|Get-AdvancedSetting -Name sched.mem.pshare.salt

And lastly: vc.uuid.

Get-VM|Get-AdvancedSetting -Name vc.uuid

So, you are vulnerable to Flip Feng Shui if:

  1. Mem.ShareForceSalting is set to 0
  2. Mem.ShareForceSalting is set to 1 and sched.mem.pshare.salt is not set on every VM
  3. Mem.ShareForceSalting is set to 2, and sched.mem.pshare.salt is not absent or unique for every VM
  4. Mem.ShareForceSalting is set to 2 and vc.uuid is not absent or unique for every VM

 

Good luck finding out!

Getagd met , ,