On 2019-09-09 9:45 AM, Simon Gaiser wrote:
> [Now with Inline-PGP such that google group doesn't break the signature]
>
> [email protected]:
>> Is Qubes affected by the SWAPGS attack?
>
> From the Bitdefender "white paper" [1] (They reported this vuln.):
>
> "A quick analysis of the Hyper-V kernel and of the Xen hypervisor kernel
> revealed that the SWAPGS instruction is not used, so exploitation is
> impossible."
>
> [1]:
> https://businessresources.bitdefender.com/hubfs/noindex/Bitdefender-WhitePaper-SWAPGS.pdf
>
>> I haven’t found a statement or Security Advisory from Xen. But it
>> seems Xen still hasn’t even fixed the original Spectre v1 yet:
>> https://xenproject.org/2018/01/04/xen-project-spectremeltdown-faq/
>> At the time of original Spectre, v1 was deemed very hard to exploit on
>> Xen, but new variants of v1 like v1.1 and SWAPGS may invalidate that
>> hypothesis.
>
> For Spectre variant 1 my understanding is that they are not aware of an
> exploitable code path in Xen. But they are working on hardening. For
> example grep the commit log for array_index_nospec or see [2] for an
> arbitrary example where they discuss this during review.
>
> In the long run I hope there will be some compiler assisted technique
> instead of manual review, which likely misses cases. But something like
> this is not in place currently. See [3] for a description of the
> non-public gcc plugin from grsecurity which implements this approach.
>
> [2]:
> https://lists.xenproject.org/archives/html/xen-devel/2018-07/msg00982.html
> [3]: https://grsecurity.net/respectre_announce.php
>
> Simon
>

Thanks for the informative reply, Simon!

-- 
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
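The `array_index_nospec` hardening mentioned in the quoted reply clamps an index with a data dependency rather than relying on the bounds-check branch alone. The following is an added example of that mask-based idea, not code from the thread or from Xen; `index_mask_nospec`, the `lookup_*` functions and the table contents are hypothetical names and constructed data.

```c
#include <limits.h>
#include <stdio.h>

#define ULONG_BITS (sizeof(unsigned long) * CHAR_BIT)
#define TABLE_LEN  16UL

/* Constructed sample data standing in for a table indexed by guest input. */
static const unsigned char table[TABLE_LEN] = {
    10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
};

/* All-ones if index < size, else zero, computed with arithmetic only.
 * Valid for size <= LONG_MAX. Production versions add a compiler barrier
 * or inline asm so the optimizer cannot turn this back into a branch. */
unsigned long index_mask_nospec(unsigned long index, unsigned long size)
{
    unsigned long in_range = ~(index | (size - 1UL - index)) >> (ULONG_BITS - 1);
    return 0UL - in_range;
}

/* Before: the bounds check is architecturally correct, but a mispredicted
 * branch can let the load execute speculatively with idx >= TABLE_LEN. */
int lookup_unhardened(unsigned long idx)
{
    if (idx >= TABLE_LEN)
        return -1;
    return table[idx];
}

/* After: the index is masked by a data dependency, so even on the
 * mispredicted path the load address stays inside the table (index 0). */
int lookup_hardened(unsigned long idx)
{
    if (idx >= TABLE_LEN)
        return -1;
    idx &= index_mask_nospec(idx, TABLE_LEN);
    return table[idx];
}

int main(void)
{
    printf("mask(3)=%lx mask(16)=%lx\n",
           index_mask_nospec(3, TABLE_LEN), index_mask_nospec(16, TABLE_LEN));
    printf("hardened(3)=%d hardened(16)=%d\n",
           lookup_hardened(3), lookup_hardened(16));
    return 0;
}
```

Architecturally both lookups return the same values; the difference only matters on the speculative path, which is why such call sites have to be found by review or tooling rather than by functional tests.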
