Re: [qubes-devel] Xen exploit mitigations
On Wednesday, 3 March 2021 at 04:47:51 UTC+1, marm...@invisiblethingslab.com wrote:
> On Tue, Mar 02, 2021 at 11:17:54AM -0800, Scumbag wrote:
> >
> > I asked this before on Qubes
> > forum (https://qubes-os.discourse.group/t/xen-exploit-migitations/2469), but
> > there were no replies so I'm hoping I'll get replies here:
> >
> > I saw in the Xen 4.14 release notes that Xen now supports hardware-based
> > Control-flow Enforcement Technology (CET) which has been introduced into
> > Intel's Tiger Lake and AMD's Zen3 CPUs.
> > - Does Qubes support this as well?
>
> Yes, we do have this enabled in Qubes 4.1.
>
> > - And does Xen also have a software-based CFI?
>
> Not that I'm aware of.
>
> > - Does Xen also support ASLR now? Some years ago I read a post from Qubes
> > saying that Xen didn’t have many exploit mitigations and didn’t even
> > support ASLR.
>
> Indeed Xen doesn't have ASLR and won't have anytime soon (PV must die
> first, at the very least). But it does use some other mitigations like
> SMAP/SMEP. And also some of the more complex parts like instruction
> emulator are integrated with fuzzy testing.
>
> --
> Best Regards,
> Marek Marczykowski-Górecki
> Invisible Things Lab

Thank you for explaining, Marek!
Re: [qubes-devel] Xen exploit mitigations
On Tue, Mar 02, 2021 at 11:17:54AM -0800, Scumbag wrote:
>
> I asked this before on Qubes
> forum (https://qubes-os.discourse.group/t/xen-exploit-migitations/2469), but
> there were no replies so I'm hoping I'll get replies here:
>
> I saw in the Xen 4.14 release notes that Xen now supports hardware-based
> Control-flow Enforcement Technology (CET) which has been introduced into
> Intel's Tiger Lake and AMD's Zen3 CPUs.
> - Does Qubes support this as well?

Yes, we do have this enabled in Qubes 4.1.

> - And does Xen also have a software-based CFI?

Not that I'm aware of.

> - Does Xen also support ASLR now? Some years ago I read a post from Qubes
> saying that Xen didn’t have many exploit mitigations and didn’t even
> support ASLR.

Indeed Xen doesn't have ASLR and won't have anytime soon (PV must die
first, at the very least). But it does use some other mitigations like
SMAP/SMEP. And also some of the more complex parts like instruction
emulator are integrated with fuzzy testing.

--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
[qubes-devel] Xen exploit mitigations
I asked this before on Qubes forum (https://qubes-os.discourse.group/t/xen-exploit-migitations/2469), but there were no replies so I'm hoping I'll get replies here:

I saw in the Xen 4.14 release notes that Xen now supports hardware-based Control-flow Enforcement Technology (CET) which has been introduced into Intel's Tiger Lake and AMD's Zen3 CPUs.
- Does Qubes support this as well?
- And does Xen also have a software-based CFI?
- Does Xen also support ASLR now? Some years ago I read a post from Qubes saying that Xen didn’t have many exploit mitigations and didn’t even support ASLR.