On 01/04/2018 10:46 AM, Eric Blake wrote: > One thing that might happen: the papers describing the flaws mention > that side effects of speculative execution in hardware is a root cause > for all three related vulnerabilities (two under the name Spectre and > one under the name Meltdown) just made public; so it is conceivable that > hardware vendors may offer a microcode update that enables run-time > enabling/disabling of speculative execution (a tradeoff of speed vs. > security; disabling speculative execution would prevent leaks, but kill > performance). Indeed, that's part of what has already happened - Intel and AMD are both providing new microcode that adds new processor capability bits for controlling the use of speculative execution while executing kernel code; and part of the updates you will need to protect against Spectre include updating to that new microcode, updating the kernel to take advantage of the new processor capabilities, updating qemu to migrate the CPUID state of those new capabilities, and updating libvirt's CPU models to include those new CPUID states. For maximum protection, you have to update both host and guest kernels. The updates do come with performance penalties, so you will also want to benchmark what the updates will do to your deployments, and consider whether you have sufficient security via other means to avoid having to use the slowdowns entailed by generically disabling speculative execution in the kernel if you have a high-performance situation that is sufficiently isolated, vs. using the patches and taking the performance hit if you cannot ensure that no other process on the machine will ever attempt to abuse the effects of Spectre. More details can be learned from this blog post: https://www.qemu.org/2018/01/04/spectre/ And yes, there are still patches and updates coming down the pipeline (the embargo was lifted at a point when not all patches were fully baked), so if you are planning mass upgrades, be sure you factor in the availability of patches into your timeline. -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3266 Virtualization: qemu.org | libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
