Re: [qubes-users] Is Qubes effected by the Intel kernel memory leaking bug?
Dnia Thursday, January 4, 2018 9:33:04 AM CET Andrew David Wong pisze: > We've just published an announcement about this: > > https://www.qubes-os.org/news/2018/01/04/xsa-254-meltdown-spectre/ Thank you, much appreciated. Good luck to the whole team in dealing with this. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5334706.ITVnm1lE8D%40lapuntu. For more options, visit https://groups.google.com/d/optout. signature.asc Description: This is a digitally signed message part.
Re: [qubes-users] Is Qubes effected by the Intel kernel memory leaking bug?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2018-01-03 05:55, stephenatve...@gmail.com wrote: > https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ > > http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table > > It seems as if Linux countermeasures will involve a significant rewrite aka. > FUCKWIT. > > Is this perhaps why there is no final 4.0 release? > We've just published an announcement about this: https://www.qubes-os.org/news/2018/01/04/xsa-254-meltdown-spectre/ - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlpOSSkACgkQ203TvDlQ MDCm1A/8CB9dT3qUWt3KkrjRSd0kYBLnHyEHUVs828gHIT8J+QrIvWAkw1hKyVR9 mMas3QIKPCZiWh7/d69OES0YBFZLA8P79u1jJHaMGOh5j1JkQiqyMQ9dM9fH7pK7 cr1UKIbkhM9Yicp8F73FVuwQZe4zwOreUBW0PkPFtS5yNm9mYVqeGMvgFBdq+m+7 /e2R5uVk8WKtNxuIxqYm/fZAec8hNi9B+YxCrnO7w3a2VWLMu99yCTM7BaCvZcUe igoocDJ1Y3He/3TaV9dGcjmrOkih7iBTWS4jXr9B6XYSAhp4VyAqyldy9QQM3Icz CWKMxfuJzUaw+UYF3O85o8PAEKgzWxDqqGzR+1VVDJbDwzixolqWgpcl80PkLPRf Wdu9HZVXYeG0g0JA/Ys+KifKKRzFOaIHezTagJpxCt+qGct9wKjbyjdL/6bsi2dP P1AHQzcDJiHEQ9Uz91jqnRV0Ri2/+Dz+luiSbAlock7HjaQ7j9GvbRcGk72RU/lK qizFfPPLvHhR8OiSPPtl8sLNMMgxM+sC5lTJOzJtRkszKGpT8+DXonYviNjGbbSO qkLxoga1FMqDQlKb2sNPOqRs1/CtEqKsqSNuejDen5fl9STHoZKsuBr7/Ko6R3Gn Ty8l7AKg4fWyN9flc3LOUo2WAHACRhkQ4yCYR5hx3Xwc62lshis= =p5v8 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/93dada0b-7635-2227-e49b-337941ededb5%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Is Qubes effected by the Intel kernel memory leaking bug?
On Thu, January 4, 2018 1:28 am, awokd wrote: > On Thu, January 4, 2018 12:03 am, rysiek wrote: > > >> And here we are: >> https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-yo >> u- need.html >> https://googleprojectzero.blogspot.pt/2018/01/reading-privileged-memory >> -w >> ith-side.html https://meltdownattack.com/meltdown.pdf >> https://spectreattack.com/spectre.pdf >> > > Xen Security Advisory (not Qubes) > https://xenbits.xen.org/xsa/advisory-254.html This part is interesting, but might not be a lot of good if it doesn't include PCI passthrough: "For guests with legacy PV kernels which cannot be run in HVM mode, we have developed a "shim" hypervisor that allows PV guests to run in PVH mode. Unfortunately, due to the accelerated schedule, this is not yet ready to release. We expect to have it ready for 4.10, as well as PVH backports to 4.9 and 4.8, available over the next few days." -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4bd20e5453e42b2b49142b038ed119ce.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Is Qubes effected by the Intel kernel memory leaking bug?
On Thu, Jan 04, 2018 at 05:40:27AM -0800, stephenatve...@gmail.com wrote: > On Thursday, 4 January 2018 13:39:46 UTC+1, eva...@openmailbox.org wrote: > > 3.2 affected? When patch will be available? :( > My impression is that 3.2 isn't being patched pending 4.0, but I could be > wrong there. you are wrong. 3.2 will be supported for one more year after the release of 4.0. (Normally it's just for half a year.) -- cheers, Holger -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180104135930.7iwsg2n4slydmsgj%40layer-acht.org. For more options, visit https://groups.google.com/d/optout. signature.asc Description: PGP signature
Re: [qubes-users] Is Qubes effected by the Intel kernel memory leaking bug?
On Thursday, 4 January 2018 13:39:46 UTC+1, eva...@openmailbox.org wrote: > 3.2 affected? When patch will be available? :( My impression is that 3.2 isn't being patched pending 4.0, but I could be wrong there. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/daed3c17-3dd1-416c-b374-8e668a0bc798%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Is Qubes effected by the Intel kernel memory leaking bug?
3.2 affected? When patch will be available? :( -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180104123237.97B825671B5%40mta-1.openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Is Qubes effected by the Intel kernel memory leaking bug?
On Thu, January 4, 2018 12:03 am, rysiek wrote: > And here we are: > https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you- > need.html > https://googleprojectzero.blogspot.pt/2018/01/reading-privileged-memory-w > ith-side.html https://meltdownattack.com/meltdown.pdf > https://spectreattack.com/spectre.pdf Xen Security Advisory (not Qubes) https://xenbits.xen.org/xsa/advisory-254.html -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3d75e632d64780c462d87b7c5a8ecfd9.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Is Qubes effected by the Intel kernel memory leaking bug?
Dnia Wednesday, January 3, 2018 1:27:38 PM CET 'awokd' via qubes-users pisze: > On Wed, January 3, 2018 11:55 am, stephenatve...@gmail.com wrote: > > https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ > > > > > > http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-o > > f-the-linux-page-table > > > > It seems as if Linux countermeasures will involve a significant rewrite > > aka. FUCKWIT. > > > > Is this perhaps why there is no final 4.0 release? > > Believe PCI passthrough had been the major holdup for 4.0 release but I > could be wrong. I'm curious to see if Xen/Qubes is impacted as well. One > article says there was a rumor Xen was, another says there are comments in > the code that Xen PV/HVM is not. Embargo lifts on the 4th, so there should > be more facts then. Wouldn't want to engage in making speculative > assumptions (cough). And here we are: https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html https://googleprojectzero.blogspot.pt/2018/01/reading-privileged-memory-with-side.html https://meltdownattack.com/meltdown.pdf https://spectreattack.com/spectre.pdf " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " During the course of our research, we developed the following proofs of concept (PoCs): A PoC that demonstrates the basic principles behind variant 1 in userspace on the tested Intel Haswell Xeon CPU, the AMD FX CPU, the AMD PRO CPU and an ARM Cortex A57 [2]. This PoC only tests for the ability to read data inside mis-speculated execution within the same process, without crossing any privilege boundaries. A PoC for variant 1 that, when running with normal user privileges under a modern Linux kernel with a distro-standard config, can perform arbitrary reads in a 4GiB range [3] in kernel virtual memory on the Intel Haswell Xeon CPU. If the kernel's BPF JIT is enabled (non-default configuration), it also works on the AMD PRO CPU. On the Intel Haswell Xeon CPU, kernel virtual memory can be read at a rate of around 2000 bytes per second after around 4 seconds of startup time. [4] A PoC for variant 2 that, when running with root privileges inside a KVM guest created using virt-manager on the Intel Haswell Xeon CPU, with a specific (now outdated) version of Debian's distro kernel [5] running on the host, can read host kernel memory at a rate of around 1500 bytes/second, with room for optimization. Before the attack can be performed, some initialization has to be performed that takes roughly between 10 and 30 minutes for a machine with 64GiB of RAM; the needed time should scale roughly linearly with the amount of host RAM. (If 2MB hugepages are available to the guest, the initialization should be much faster, but that hasn't been tested.) A PoC for variant 3 that, when running with normal user privileges, can read kernel memory on the Intel Haswell Xeon CPU under some precondition. We believe that this precondition is that the targeted kernel memory is present in the L1D cache. " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/40959822.UoTSMkEhtd%40lapuntu. For more options, visit https://groups.google.com/d/optout. signature.asc Description: This is a digitally signed message part.
Re: [qubes-users] Is Qubes effected by the Intel kernel memory leaking bug?
On Wed, January 3, 2018 11:55 am, stephenatve...@gmail.com wrote: > https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ > > > http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-o > f-the-linux-page-table > > It seems as if Linux countermeasures will involve a significant rewrite > aka. FUCKWIT. > > Is this perhaps why there is no final 4.0 release? Believe PCI passthrough had been the major holdup for 4.0 release but I could be wrong. I'm curious to see if Xen/Qubes is impacted as well. One article says there was a rumor Xen was, another says there are comments in the code that Xen PV/HVM is not. Embargo lifts on the 4th, so there should be more facts then. Wouldn't want to engage in making speculative assumptions (cough). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6ff0145ba59440176d14fac462759ba4.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
