--- _posts/2018-01-04-spectre.md | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-)
diff --git a/_posts/2018-01-04-spectre.md b/_posts/2018-01-04-spectre.md index 5bbc7ed..ca11324 100644 --- a/_posts/2018-01-04-spectre.md +++ b/_posts/2018-01-04-spectre.md @@ -13,11 +13,13 @@ named _Meltdown_ and _Spectre_, affect in one way or another almost all processors that perform out-of-order execution, including x86 (from Intel and AMD), POWER, s390 and ARM processors. -No microcode updates are required to block the _Meltdown_ attack; it is -enough to update the guest operating system to a version that separates -the user and kernel address spaces (known as _page table isolation_ for -the Linux kernel). Therefore, this post will focus on _Spectre_, and -especially on [CVE-2017-5715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715). +No microcode updates are required to block the _Meltdown_ attack. In +addition, the _Meltdown_ flaw does not allow a malicious guest to read the +contents of hypervisor memory. Fixing it only requires that the operating +system separates the user and kernel address spaces (known as _page table +isolation_ for the Linux kernel), which can be done separately on the host +and the guests. Therefore, this post will focus on _Spectre_, and especially +on [CVE-2017-5715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715). Fixing or mitigating _Spectre_ in general, and CVE-2017-5715 in particular, requires cooperation between the processor and the operating system kernel or @@ -52,9 +54,10 @@ host from malicious guests__. Nevertheless, updates will be posted to the qemu-devel mailing list in the next few days, and a 2.11.1 patch release will be released with the fix. -Once updates are provided, __live migration will not be enough to protect -guest kernel from guest userspace__. Because the virtual CPU has to be -changed to one with the new CPUID bits, the guest will have to be restarted. +Once updates are provided, __live migration to an updated version of +QEMU will not be enough to protect guest kernel from guest userspace__. +Because the virtual CPU has to be changed to one with the new CPUID bits, +the guest will have to be restarted. As of today, the QEMU project is not aware of whether similar changes will be required for non-x86 processors. If so, they will also posted to the @@ -67,4 +70,5 @@ Zero](https://googleprojectzero.blogspot.it/2018/01/reading-privileged-memory-wi posts on the topic, as well as the [Spectre and Meltdown FAQ](https://meltdownattack.com/#faq). __5 Jan 2018__: clarified the level of protection provided by the host kernel -update; added a note on live migration. +update; added a note on live migration; clarified the impact of Meltdown on +virtualization hosts -- 2.14.3
