-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Fri, Jan 05, 2018 at 12:14:43PM +0000, Marco Giglio wrote:
> By reading that advisory and information posted here (
> https://blog.xenproject.org/2018/01/04/xen-project-spectremeltdown-faq/),
> it seems that there are 2 possible short-term mitigations against
> Meltdown for QubesOS 3.2 users.
> -  Move PV VMs to HVM.

This option require VT-x support in the hardware. Something that wasn't
required by 3.2 before.

> -  Move PV VMs to use 32-bit kernels. It should prevent to use
> Meltdown/SP3 against the hypervisor, but it won't prevent it against the
> kernel itself.  Then update when newer 32-bit kernel with KPIT are
> available.

This option require replacing both VM kernel _and_ templates. Especially
painful for heavily customized templates.

> Qubes 4 users shouldn't be affected by SP3/Meltdown, but should be
> affected from SP1/SP2/Spectre.

Yes, that's correct.

We're still evaluating available options. For example there are three
alternative workarounds for SP3 developed in parallel on xen-devel, each
having own good and bad sides. And patches to mitigate SP1/SP2 are also
not ready yet.

For this reason, we're delaying Qubes OS rc4 (originally scheduled to be
released tomorrow), until we come up with final plan what to do about
those hardware issues.

> On 01/04/2018 10:53 PM, Chris Drake wrote:
> > It is very clear: https://xenbits.xen.org/xsa/advisory-254.html
> >
> > IMPACT
> > ======
> >
> > Xen guests may be able to infer the contents of arbitrary host memory,
> > including memory assigned to other guests.
> >
> > VULNERABLE SYSTEMS
> > ==================
> >
> > Systems running all versions of Xen are affected.
> >
> > MITIGATION
> > ==========
> >
> > There is no mitigation for SP1 and SP2.
> >
> > RESOLUTION
> > ==========
> >
> > There is no available resolution for SP1 or SP3.
> >
> >
> > For those unaware - this is a hardware fault.  CPUs make use of speculative 
> > execution (Spectre) or Pipelines (Meltdown) - both of which can be used to 
> > attempt to access illegal memory.  The access fails, however, it's possible 
> > to use the "stolen" memory before the access-fail is enforced in a way that 
> > makes it available on a side-channel (cache in these exploits, but could be 
> > anything else like ports/dma) to any non-privileged process.
> >
> 

- -- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlpSZD0ACgkQ24/THMrX
1yyK9Qf/T5jG7zHPjwCmF4ztD2FRJoo0qJzWmtjgNz67V+tK1K/hQsTph3CMor5N
UCKSKqSXxRZVjTfgv4CW4SJqUfDk++aIs/lvdsAABOt25LU2nVOy9BwPSWVYZDs7
KqsERFSAaorNEzq0CftHVIDyvzOOtWRD/eGL4P5TlfTvCvv2HN2/Br9esItxF3CM
vzT/qGCnNpkhn9TIlVxK/JTeZ9t/krC1Z2/vaiU5h+noxv6LFvL4pZ5zILjNgcGu
BeeqymA1VrWijoRA2W+qdI3s3moCOQfWNvXxYujc/sAr/axVjqfdC4+qsL2h4pH2
OykhrEfRubAVSqyW4c/vYunT7ARY7A==
=00Sg
-----END PGP SIGNATURE-----

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-devel+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-devel@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-devel/20180107181733.GB2653%40mail-itl.
For more options, visit https://groups.google.com/d/optout.

Reply via email to