[Qemu-devel] Qemu and Spectre_V4 + l1tf + IBRS

All of lore.kernel.org
 help / color / mirror / Atom feed

* [Qemu-devel] Qemu and Spectre_V4 + l1tf + IBRS_FW
@ 2018-08-17  6:44 Stefan Priebe - Profihost AG
  2018-08-17  9:41 ` Daniel P. Berrangé
  0 siblings, 1 reply; 3+ messages in thread
From: Stefan Priebe - Profihost AG @ 2018-08-17  6:44 UTC (permalink / raw)
  To: qemu-devel

Hello,

i haven't found anything on the web regarding qemu and mentioned variants.

While my host says:
l1tf:Mitigation: PTE Inversion; VMX: SMT vulnerable, L1D conditional
cache flushes
meltdown:Mitigation: PTI
spec_store_bypass:Mitigation: Speculative Store Bypass disabled via
prctl and seccomp
spectre_v1:Mitigation: __user pointer sanitization
spectre_v2:Mitigation: Full generic retpoline, IBPB, IBRS_FW

My guests bootet with pcid and spec-ctrl only say:
l1tf:Mitigation: PTE Inversion
meltdown:Mitigation: PTI
spec_store_bypass:Vulnerable
spectre_v1:Mitigation: __user pointer sanitization
spectre_v2:Mitigation: Full generic retpoline, IBPB

* What is about spec_store_bypass in Qemu?
* What is about IBRS_FW feature?
* What is about L1TF?

Or are those just irrelevant to Qemu guests? Would be great to have some
informations.

Thanks a lot!

Greets,
Stefan

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [Qemu-devel] Qemu and Spectre_V4 + l1tf + IBRS_FW
  2018-08-17  6:44 [Qemu-devel] Qemu and Spectre_V4 + l1tf + IBRS_FW Stefan Priebe - Profihost AG
@ 2018-08-17  9:41 ` Daniel P. Berrangé
  2018-08-21  9:21   ` Stefan Priebe - Profihost AG
  0 siblings, 1 reply; 3+ messages in thread
From: Daniel P. Berrangé @ 2018-08-17  9:41 UTC (permalink / raw)
  To: Stefan Priebe - Profihost AG; +Cc: qemu-devel

On Fri, Aug 17, 2018 at 08:44:38AM +0200, Stefan Priebe - Profihost AG wrote:
> Hello,
> 
> i haven't found anything on the web regarding qemu and mentioned variants.
> 
> While my host says:
> l1tf:Mitigation: PTE Inversion; VMX: SMT vulnerable, L1D conditional
> cache flushes
> meltdown:Mitigation: PTI
> spec_store_bypass:Mitigation: Speculative Store Bypass disabled via
> prctl and seccomp
> spectre_v1:Mitigation: __user pointer sanitization
> spectre_v2:Mitigation: Full generic retpoline, IBPB, IBRS_FW
> 
> My guests bootet with pcid and spec-ctrl only say:
> l1tf:Mitigation: PTE Inversion
> meltdown:Mitigation: PTI
> spec_store_bypass:Vulnerable
> spectre_v1:Mitigation: __user pointer sanitization
> spectre_v2:Mitigation: Full generic retpoline, IBPB
> 
> * What is about spec_store_bypass in Qemu?

The guest needs an 'ssbd' feature for Intel CPU models and either a
'virt-ssbd' or 'amd-ssbd' feature for AMD CPU models.

> * What is about IBRS_FW feature?

I'm not sure what IBRS_FW is referring to, but don't worry about it.
The fact the the guest kernel says "Mitigation" instead of "Vulnerable"
means you are protected with your current config.

For Intel CPU models Spectre v2 needs the guest to have the 'spec-ctrl'
feature. On AMD models Spectre v2 the guest needs 'ibpb' feature.

> * What is about L1TF?

No extra CPU flags are required for QEMU guests for L1TF. The new CPU
feature is merely an perf optimization for the host hypervisor fixes.

Note that with L1TF there are extra steps you need to consider wrt
hyperthreading, that won't be reflected in the 'vulnerabilities'
data published by the kernel.

You can read more about the procedure for dealing with L1TF in
virt hosts in the "Resolve" tab of this article:

  https://access.redhat.com/security/vulnerabilities/L1TF

> Or are those just irrelevant to Qemu guests? Would be great to have some
> informations.

We have some QEMU docs providing guidance on guest CPU model/feature config
but they are not yet published. In the meantime this blog post of mine gives
the same info, covering what's needed for Spectre v2, Meltdown and SSBD and
guidance in general for CPU config:

  https://www.berrange.com/posts/2018/06/29/cpu-model-configuration-for-qemu-kvm-on-x86-hosts/

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [Qemu-devel] Qemu and Spectre_V4 + l1tf + IBRS_FW
  2018-08-17  9:41 ` Daniel P. Berrangé
@ 2018-08-21  9:21   ` Stefan Priebe - Profihost AG
  0 siblings, 0 replies; 3+ messages in thread
From: Stefan Priebe - Profihost AG @ 2018-08-21  9:21 UTC (permalink / raw)
  To: Daniel P. Berrangé; +Cc: qemu-devel


Am 17.08.2018 um 11:41 schrieb Daniel P. Berrangé:
> On Fri, Aug 17, 2018 at 08:44:38AM +0200, Stefan Priebe - Profihost AG wrote:
>> Hello,
>>
>> i haven't found anything on the web regarding qemu and mentioned variants.
>>
>> While my host says:
>> l1tf:Mitigation: PTE Inversion; VMX: SMT vulnerable, L1D conditional
>> cache flushes
>> meltdown:Mitigation: PTI
>> spec_store_bypass:Mitigation: Speculative Store Bypass disabled via
>> prctl and seccomp
>> spectre_v1:Mitigation: __user pointer sanitization
>> spectre_v2:Mitigation: Full generic retpoline, IBPB, IBRS_FW
>>
>> My guests bootet with pcid and spec-ctrl only say:
>> l1tf:Mitigation: PTE Inversion
>> meltdown:Mitigation: PTI
>> spec_store_bypass:Vulnerable
>> spectre_v1:Mitigation: __user pointer sanitization
>> spectre_v2:Mitigation: Full generic retpoline, IBPB
>>
>> * What is about spec_store_bypass in Qemu?
> 
> The guest needs an 'ssbd' feature for Intel CPU models and either a
> 'virt-ssbd' or 'amd-ssbd' feature for AMD CPU models.

Ah thanks. That works fine.

>> * What is about IBRS_FW feature?
> 
> I'm not sure what IBRS_FW is referring to, but don't worry about it.
> The fact the the guest kernel says "Mitigation" instead of "Vulnerable"
> means you are protected with your current config.
> 
> For Intel CPU models Spectre v2 needs the guest to have the 'spec-ctrl'
> feature. On AMD models Spectre v2 the guest needs 'ibpb' feature.
> 
>> * What is about L1TF?
> 
> No extra CPU flags are required for QEMU guests for L1TF. The new CPU
> feature is merely an perf optimization for the host hypervisor fixes.
> 
> Note that with L1TF there are extra steps you need to consider wrt
> hyperthreading, that won't be reflected in the 'vulnerabilities'
> data published by the kernel.
> 
> You can read more about the procedure for dealing with L1TF in
> virt hosts in the "Resolve" tab of this article:
> 
>   https://access.redhat.com/security/vulnerabilities/L1TF
> 
>> Or are those just irrelevant to Qemu guests? Would be great to have some
>> informations.
> 
> We have some QEMU docs providing guidance on guest CPU model/feature config
> but they are not yet published. In the meantime this blog post of mine gives
> the same info, covering what's needed for Spectre v2, Meltdown and SSBD and
> guidance in general for CPU config:
> 
>   https://www.berrange.com/posts/2018/06/29/cpu-model-configuration-for-qemu-kvm-on-x86-hosts/

Thanks, that one was really helpful.

Greets,
Stefan

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2018-08-21  9:31 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-08-17  6:44 [Qemu-devel] Qemu and Spectre_V4 + l1tf + IBRS_FW Stefan Priebe - Profihost AG
2018-08-17  9:41 ` Daniel P. Berrangé
2018-08-21  9:21   ` Stefan Priebe - Profihost AG

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.