L1TF CPU bug present ...


    Checking my logs just now I noticed this in the boot.log

    7.675749 L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/late...vuln/l1tf.html for details.
    While this is a purely speculative mechanism and the instruction will raise a page fault when it is retired eventually, the pure act of loading the data and making it available to other speculative instructions opens up the opportunity for side channel attacks to unprivileged malicious code, similar to the Meltdown attack.

    While Meltdown breaks the user space to kernel space protection, L1TF allows to attack any physical memory address in the system and the attack works across all protection domains. It allows an attack of SGX and also works from inside virtual machines because the speculation bypasses the extended page table (EPT) protection mechanism.
    ...

    2. Malicious guest in a virtual machine

    The fact that L1TF breaks all domain protections allows malicious guest OSes, which can control the PTEs directly, and malicious guest user space applications, which run on an unprotected guest kernel lacking the PTE inversion mitigation for L1TF, to attack physical host memory.
    ...
    While solutions exist to mitigate these attack vectors fully, these mitigations are not enabled by default in the Linux kernel because they can affect performance significantly.
    The article goes on to list several mitigation procedures. One is to make sure your guest OS is "trusted". An interesting one is running a virtual machine inside a virtual machine! I have 8 cores and 16GB of RAM. I give my VMs 4 cores, 8GB of RAM and 60GB of SSD space. Inside that VM, were I to create another VM, I'd be limited to giving it 2 cores and 4GB of RAM. The SSD space isn't relevant.

    I've been playing with KDENeon for the last several months to see how it is going, which is nicely. KDENeon is trusted. However, I have no intention of moving to KDENeon so my mitigation procedure will be to remove KDENeon's VM and then uninstall virt-manager, since I wouldn't need it any more.

    Problem solved.
    Last edited by GreyGeek; Jul 04, 2021, 12:51 PM.
    "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people."
    – John F. Kennedy, February 26, 1962.
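
An added example, not part of the post above: besides the boot.log line, the kernel reports its L1TF state in sysfs, and this sketch parses that string and rates the guest-to-host exposure the warning refers to. The sysfs paths are the standard Linux ones, the sample string is constructed, and the rating labels are this example's own.

```python
from pathlib import Path

# Standard Linux sysfs files (not quoted in the post above).
L1TF = Path("/sys/devices/system/cpu/vulnerabilities/l1tf")
SMT_ACTIVE = Path("/sys/devices/system/cpu/smt/active")
# Constructed sample, used when the sysfs entry is absent.
SAMPLE = "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable"


def parse_l1tf(status):
    """Split e.g. 'Mitigation: PTE Inversion; VMX: cache flushes, SMT disabled'."""
    status = status.strip()
    info = {"affected": status != "Not affected",
            "pte_inversion": "PTE Inversion" in status,
            "vmx": None, "smt": None}
    for part in (p.strip() for p in status.split(";")):
        if not part.startswith("VMX:"):
            continue
        fields = [f.strip() for f in part[4:].split(",")]
        info["vmx"] = fields[0]
        for field in fields[1:]:
            if field.startswith("SMT "):
                info["smt"] = field[4:]
    return info


def vm_exposure(info):
    """Rate guest-to-host exposure, the case the boot warning is about."""
    if not info["affected"]:
        return "not affected"
    if info["vmx"] is None:
        return "unknown"      # no VMX state reported by this kernel
    if info["vmx"] == "EPT disabled":
        return "mitigated"    # guests cannot control host-visible PTEs
    if info["vmx"] == "vulnerable":
        return "exposed"      # no L1D flush on VM entry
    if info["smt"] == "vulnerable":
        return "partial"      # L1D is flushed, but a sibling hyperthread shares it
    return "mitigated"


if __name__ == "__main__":
    text = L1TF.read_text() if L1TF.exists() else SAMPLE
    smt = SMT_ACTIVE.read_text().strip() if SMT_ACTIVE.exists() else "?"
    info = parse_l1tf(text)
    print(info, "| smt/active =", smt, "|", vm_exposure(info))
```

A "partial" result corresponds to the logged condition: the bug is present and SMT is still on.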