* [Qemu-devel] [qemu-web PATCH] improved phrasing regarding Meltdown and live migration
@ 2018-01-05 14:08 Paolo Bonzini
0 siblings, 0 replies; only message in thread
From: Paolo Bonzini @ 2018-01-05 14:08 UTC (permalink / raw)
To: qemu-devel; +Cc: ehabkost, simon.leinen
---
_posts/2018-01-04-spectre.md | 22 +++++++++++++---------
1 file changed, 13 insertions(+), 9 deletions(-)
diff --git a/_posts/2018-01-04-spectre.md b/_posts/2018-01-04-spectre.md
index 5bbc7ed..ca11324 100644
--- a/_posts/2018-01-04-spectre.md
+++ b/_posts/2018-01-04-spectre.md
@@ -13,11 +13,13 @@ named _Meltdown_ and _Spectre_, affect in one way or another almost
all processors that perform out-of-order execution, including x86 (from
Intel and AMD), POWER, s390 and ARM processors.
-No microcode updates are required to block the _Meltdown_ attack; it is
-enough to update the guest operating system to a version that separates
-the user and kernel address spaces (known as _page table isolation_ for
-the Linux kernel). Therefore, this post will focus on _Spectre_, and
-especially on [CVE-2017-5715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715).
+No microcode updates are required to block the _Meltdown_ attack. In
+addition, the _Meltdown_ flaw does not allow a malicious guest to read the
+contents of hypervisor memory. Fixing it only requires that the operating
+system separates the user and kernel address spaces (known as _page table
+isolation_ for the Linux kernel), which can be done separately on the host
+and the guests. Therefore, this post will focus on _Spectre_, and especially
+on [CVE-2017-5715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715).
Fixing or mitigating _Spectre_ in general, and CVE-2017-5715 in particular,
requires cooperation between the processor and the operating system kernel or
@@ -52,9 +54,10 @@ host from malicious guests__. Nevertheless, updates will be posted to the
qemu-devel mailing list in the next few days, and a 2.11.1 patch release
will be released with the fix.
-Once updates are provided, __live migration will not be enough to protect
-guest kernel from guest userspace__. Because the virtual CPU has to be
-changed to one with the new CPUID bits, the guest will have to be restarted.
+Once updates are provided, __live migration to an updated version of
+QEMU will not be enough to protect guest kernel from guest userspace__.
+Because the virtual CPU has to be changed to one with the new CPUID bits,
+the guest will have to be restarted.
As of today, the QEMU project is not aware of whether similar changes will
be required for non-x86 processors. If so, they will also posted to the
@@ -67,4 +70,5 @@ Zero](https://googleprojectzero.blogspot.it/2018/01/reading-privileged-memory-wi
posts on the topic, as well as the [Spectre and Meltdown FAQ](https://meltdownattack.com/#faq).
__5 Jan 2018__: clarified the level of protection provided by the host kernel
-update; added a note on live migration.
+update; added a note on live migration; clarified the impact of Meltdown on
+virtualization hosts
--
2.14.3
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2018-01-05 14:08 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-01-05 14:08 [Qemu-devel] [qemu-web PATCH] improved phrasing regarding Meltdown and live migration Paolo Bonzini
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.