* CPU vulnerabilities in public clouds
@ 2020-02-05 16:06 Stefan Hajnoczi
2020-02-05 16:47 ` Vitaly Kuznetsov
2020-02-12 11:01 ` Christophe de Dinechin
0 siblings, 2 replies; 4+ messages in thread
From: Stefan Hajnoczi @ 2020-02-05 16:06 UTC (permalink / raw)
To: Vitaly Kuznetsov; +Cc: kvm
Hi Vitaly,
I just watched your FOSDEM talk on CPU vulnerabilities in public clouds:
https://mirror.cyberbits.eu/fosdem/2020/H.1309/vai_pubic_clouds_and_vulnerable_cpus.webm
If I understand correctly the situation for cloud users is:
1. The cloud provider takes care of hypervisor and CPU microcode fixes
but the instance may still be vulnerable to inter-process or guest
kernel attacks.
2. /sys/devices/system/cpu/vulnerabilities lists vulnerabilities that
the guest kernel knows about. This might be outdated if new
vulnerabilities have been discovered since the kernel was installed.
False negatives are possible where your slides show the guest kernel
thinks there is no mitigation but you suspect the cloud provider has a
fix in place.
3. Cloud users still need to learn about every vulnerability to
understand whether inter-process or guest kernel attacks are possible.
Overall this seems to leave cloud users in a bad situation. They
still need to become experts in each vulnerability and don't have
reliable information on their protection status.
Users with deep pockets will pay someone to do the work for them. For
many users the answer will probably be to apply guest OS updates and
hope for the best? :(
It would be nice if /sys/devices/system/cpu/vulnerabilities was at
least accurate... Do you have any thoughts on improving the situation
for users?
Stefan
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: CPU vulnerabilities in public clouds
2020-02-05 16:06 CPU vulnerabilities in public clouds Stefan Hajnoczi
@ 2020-02-05 16:47 ` Vitaly Kuznetsov
2020-02-12 11:01 ` Christophe de Dinechin
1 sibling, 0 replies; 4+ messages in thread
From: Vitaly Kuznetsov @ 2020-02-05 16:47 UTC (permalink / raw)
To: Stefan Hajnoczi; +Cc: kvm
Stefan Hajnoczi <stefanha@gmail.com> writes:
> Hi Vitaly,
> I just watched your FOSDEM talk on CPU vulnerabilities in public clouds:
> https://mirror.cyberbits.eu/fosdem/2020/H.1309/vai_pubic_clouds_and_vulnerable_cpus.webm
>
> If I understand correctly the situation for cloud users is:
> 1. The cloud provider takes care of hypervisor and CPU microcode fixes
> but the instance may still be vulnerable to inter-process or guest
> kernel attacks.
Correct.
> 2. /sys/devices/system/cpu/vulnerabilities lists vulnerabilities that
> the guest kernel knows about. This might be outdated if new
> vulnerabilities have been discovered since the kernel was installed.
We don't know what we don't know, yes.
> False negatives are possible where your slides show the guest kernel
> thinks there is no mitigation but you suspect the cloud provider has a
> fix in place.
Well, I'm assuming that cloud providers are not crazy :-)
In particular, when you don't see STIBP/IBPB features on your instance
*now* there are two options:
1) Microcode wasn't updated since 2017
2) Features are deliberately hidden from you.
Why are these features hidden? Well, performace. When guest kernel sees
them it will start using them! And it doesn't come for free.
The situation with MDS/TAA is somewhat unique. To flush these internal
CPU buffers, an existing 'verw' instruction was re-purposed so if the
guest sees 'md_clear' flag it knows that the flush is happening,
however, if it doesn't see the flag (e.g. it was hidden by the
hypervisor) it cannot tell for sure if microcode update was deployed or
not. Linux made a choice to still try by default (MDS_MITIGATION_VMWERV/
TAA_MITIGATION_UCODE_NEEDED).
> 3. Cloud users still need to learn about every vulnerability to
> understand whether inter-process or guest kernel attacks are possible.
>
> Overall this seems to leave cloud users in a bad situation. They
> still need to become experts in each vulnerability and don't have
> reliable information on their protection status.
The situation is not any better outside of cloud space. Linux (upstream
or vendors) tries to make reasonable choices for its defaults but they
may or may not work well for everyone. E.g. for mitigating Spectre_v2 we
now default to 'conditional' STIBP/IBPB meaning it will be enabled for
seccomp'ed tasks and tasks which explicitly ask for it with
prctl(). This is a good default but not a universal solution for
everyone.
>
> Users with deep pockets will pay someone to do the work for them. For
> many users the answer will probably be to apply guest OS updates and
> hope for the best? :(
Yes, it is, of course, possible that the user is in danger, however, to
mount an attack an intruder needs to have local access so it's mostly
multi-tenant environments which are at risk (or, if you're running an
untrusted code in your environment. Just don't).
>
> It would be nice if /sys/devices/system/cpu/vulnerabilities was at
> least accurate... Do you have any thoughts on improving the situation
> for users?
The biggest ambiguity I see now is with Spectre_v2, I was sending an RFC
last week:
https://lore.kernel.org/lkml/20200121160257.302999-1-vkuznets@redhat.com/
but it seems I'm not the only one who noticed that.
Also, for KVM we probably should adjust our defaults for
L1TF/ITLB_MULTIHIT when running as a nested (L1) hypervisor.
There is also a big question with SMT (and I need to revive my
'NO_NONARCH_CORESHARING' work).
--
Vitaly
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: CPU vulnerabilities in public clouds
2020-02-05 16:06 CPU vulnerabilities in public clouds Stefan Hajnoczi
2020-02-05 16:47 ` Vitaly Kuznetsov
@ 2020-02-12 11:01 ` Christophe de Dinechin
2020-02-17 12:30 ` Vitaly Kuznetsov
1 sibling, 1 reply; 4+ messages in thread
From: Christophe de Dinechin @ 2020-02-12 11:01 UTC (permalink / raw)
To: Stefan Hajnoczi; +Cc: Vitaly Kuznetsov, kvm
> On 5 Feb 2020, at 17:06, Stefan Hajnoczi <stefanha@gmail.com> wrote:
>
> Hi Vitaly,
> I just watched your FOSDEM talk on CPU vulnerabilities in public clouds:
> https://mirror.cyberbits.eu/fosdem/2020/H.1309/vai_pubic_clouds_and_vulnerable_cpus.webm
>
> If I understand correctly the situation for cloud users is:
> 1. The cloud provider takes care of hypervisor and CPU microcode fixes
> but the instance may still be vulnerable to inter-process or guest
> kernel attacks.
> 2. /sys/devices/system/cpu/vulnerabilities lists vulnerabilities that
> the guest kernel knows about. This might be outdated if new
> vulnerabilities have been discovered since the kernel was installed.
> False negatives are possible where your slides show the guest kernel
> thinks there is no mitigation but you suspect the cloud provider has a
> fix in place.
> 3. Cloud users still need to learn about every vulnerability to
> understand whether inter-process or guest kernel attacks are possible.
>
> Overall this seems to leave cloud users in a bad situation. They
> still need to become experts in each vulnerability and don't have
> reliable information on their protection status.
>
> Users with deep pockets will pay someone to do the work for them. For
> many users the answer will probably be to apply guest OS updates and
> hope for the best? :(
>
> It would be nice if /sys/devices/system/cpu/vulnerabilities was at
> least accurate... Do you have any thoughts on improving the situation
> for users?
I understand your concern, and it’s a great point.
However, /sys is about the local system, so I’m not overly shocked
that it does not know about what is outside the system :-)
What could be nice, though, is if /sys/…/vulnerabilities exposed
a list of CVEs that have been taken into account at the time
the kernel was built.
# cat /sys/devices/system/cpu/vulnerabilities/CVE_list
2017-5715
2017-5753
2017-5754
2018-3615
2018-3620
2018-3646
2018-12207
2018-12130
2018-12126
2018-12127
2019-11091
2018-3639
2019-11135
That way, you would know at least what you are measuring against.
The implementation is quite easy, see experiment here:
https://github.com/c3d/linux/commits/cpu-bugs-cve-list
Do you think that would have any value?
Thanks
Christophe
>
> Stefan
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: CPU vulnerabilities in public clouds
2020-02-12 11:01 ` Christophe de Dinechin
@ 2020-02-17 12:30 ` Vitaly Kuznetsov
0 siblings, 0 replies; 4+ messages in thread
From: Vitaly Kuznetsov @ 2020-02-17 12:30 UTC (permalink / raw)
To: Christophe de Dinechin; +Cc: kvm, Stefan Hajnoczi
Christophe de Dinechin <dinechin@redhat.com> writes:
>> On 5 Feb 2020, at 17:06, Stefan Hajnoczi <stefanha@gmail.com> wrote:
>>
>> Hi Vitaly,
>> I just watched your FOSDEM talk on CPU vulnerabilities in public clouds:
>> https://mirror.cyberbits.eu/fosdem/2020/H.1309/vai_pubic_clouds_and_vulnerable_cpus.webm
>>
>> If I understand correctly the situation for cloud users is:
>> 1. The cloud provider takes care of hypervisor and CPU microcode fixes
>> but the instance may still be vulnerable to inter-process or guest
>> kernel attacks.
>> 2. /sys/devices/system/cpu/vulnerabilities lists vulnerabilities that
>> the guest kernel knows about. This might be outdated if new
>> vulnerabilities have been discovered since the kernel was installed.
>> False negatives are possible where your slides show the guest kernel
>> thinks there is no mitigation but you suspect the cloud provider has a
>> fix in place.
>> 3. Cloud users still need to learn about every vulnerability to
>> understand whether inter-process or guest kernel attacks are possible.
>>
>> Overall this seems to leave cloud users in a bad situation. They
>> still need to become experts in each vulnerability and don't have
>> reliable information on their protection status.
>>
>> Users with deep pockets will pay someone to do the work for them. For
>> many users the answer will probably be to apply guest OS updates and
>> hope for the best? :(
>>
>> It would be nice if /sys/devices/system/cpu/vulnerabilities was at
>> least accurate... Do you have any thoughts on improving the situation
>> for users?
>
> I understand your concern, and it’s a great point.
>
> However, /sys is about the local system, so I’m not overly shocked
> that it does not know about what is outside the system :-)
>
> What could be nice, though, is if /sys/…/vulnerabilities exposed
> a list of CVEs that have been taken into account at the time
> the kernel was built.
>
> # cat /sys/devices/system/cpu/vulnerabilities/CVE_list
> 2017-5715
> 2017-5753
> 2017-5754
> 2018-3615
> 2018-3620
> 2018-3646
> 2018-12207
> 2018-12130
> 2018-12126
> 2018-12127
> 2019-11091
> 2018-3639
> 2019-11135
>
> That way, you would know at least what you are measuring against.
> The implementation is quite easy, see experiment here:
>
> https://github.com/c3d/linux/commits/cpu-bugs-cve-list
>
> Do you think that would have any value?
>
In a way, yes. The list basically tells you 'your kernel *knows* about
these CVEs as it was released after their release dates' but there is
still some uncertainty for the user: OK, a CVE exists but is my CPU
actually vulnerable? It may happen that when CVE releases we think that
some CPUs (or a particular arch) are not vulnerable but we change our
mind later. Also, all vulnerabilities are different as the severity
depends a lot on the workload. The actions one need to undertake differ
(update microcode, disable SMT, pin tasks to certain cores/threads,
...). The bottom line is I don't see an easy path for users. They either
trust the source of their bits (e.g. distro), the infrastructure
(hardware/virtual/cloud) and the default settings as being 'secure
enough' or they have to study the details...
--
Vitaly
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-02-17 12:31 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-02-05 16:06 CPU vulnerabilities in public clouds Stefan Hajnoczi
2020-02-05 16:47 ` Vitaly Kuznetsov
2020-02-12 11:01 ` Christophe de Dinechin
2020-02-17 12:30 ` Vitaly Kuznetsov
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.