Changeset 78632 in vbox for trunk/doc/manual/en_US
- Timestamp: May 21, 2019 1:56:11 PM (6 years ago)
- Location: trunk
- Files: 2 edited
trunk
- Property svn:mergeinfo
-
old new 9 9 /branches/VBox-5.1:112367,115992,116543,116550,116568,116573 10 10 /branches/VBox-5.2:119536,120083,120099,120213,120221,120239,123597-123598,123600-123601,123755,124260,124263,124271,124273,124277-124279,124284-124286,124288-124290,125768,125779-125780,125812 11 /branches/VBox-6.0:130474-130475,130477,130479 11 12 /branches/aeichner/vbox-chromium-cleanup:129816,129818-129851,129853-129861,129871-129872,129876,129880,129882,130013-130015,130036,130094-130095 12 13 /branches/andy/draganddrop:90781-91268
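Review bot: the new mergeinfo entry /branches/VBox-6.0:130474-130475,130477,130479 is the only record of where this change came from, because the changeset carries no log message; a reader cannot tell from the page which of those four branch revisions introduced the user_Security.xml text. Add a one-line log message naming the merged revisions and the CVE section they bring in, so the provenance does not have to be reconstructed from the property diff alone.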
-
- Property svn:mergeinfo
-
trunk/doc/manual/en_US/user_Security.xml
r76786 r78632 637 637 </sect2> 638 638 639 <sect2 id="sec-rec-cve-2018-12126-et-al"> 640 641 <title>CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091</title> 642 643 <para> 644 These security issues affect a range of Intel CPUs starting with 645 Nehalem. The CVE-2018-12130 also affects some Atom Silvermont, 646 Atom Airmont, and Knights family CPUs, however the scope is so limited 647 that the host OS should deal with it for us and VBox therefore not 648 be affected (leaks only happens when entering and leaving C states). 649 </para> 650 651 <para> 652 Mitigation option: 653 </para> 654 655 <sect3> 656 657 <title>Buffer overwriting and disabling HT</title> 658 659 <para> 660 First, up to date CPU microcode is a prerequisite for the buffer 661 overwriting (clearing) mitigations. Some host OSes may install 662 these automatically, though it has traditionally been a task best 663 performed by the system firmware. So, please check with your 664 system / mainboard manufacturer for the latest firmware update. 665 </para> 666 667 <para> 668 This mitigation aims at removing potentially sensitive data from 669 the affected buffers before running guest code. Since this means 670 additional work each time the guest is scheduled, there might be 671 some performance side effects. 672 </para> 673 674 <para> 675 We recommend disabling hyper threading on host affected by 676 CVE-2018-12126 and CVE-2018-12127 because the affected sets of 677 buffers are normally shared between thread pairs and therefore 678 cause leaks between the threads. This is traditionally done from 679 the firmware setup, but some OSes also offers ways disable HT. In 680 some cases it may be disabled by default, but please verify as the 681 effectiveness of the mitigation depends on it. 682 </para> 683 684 <para> 685 The default action taken by VirtualBox is to clear the affected 686 buffers when a thread is scheduled to execute guest code, rather 687 than on each VM entry. 
This reduces the performance impact, while 688 making the assumption that the host OS will not handle security 689 sensitive data from interrupt handlers and similar without taking 690 precautions. 691 </para> 692 693 <para> 694 A more aggressive flushing option is provided via the 695 VBoxManage modifyvm option 696 <computeroutput>--mds-clear-on-vm-entry</computeroutput>. When 697 enabled the affected buffers will be cleared on every VM entry. 698 The performance impact is greater than with the default option, 699 though this of course depends on the workload. Workloads producing 700 a lot of VM exits (like networking, VGA access, and similiar) will 701 probably be most impacted. 702 </para> 703 704 <para> 705 For users not concerned by this security issue, the default 706 mitigation can be disabled using 707 </para> 708 709 <para> 710 <computeroutput>VBoxManage modifyvm name --mds-clear-on-sched 711 off</computeroutput> 712 </para> 713 714 </sect3> 715 716 </sect2> 717 639 718 </sect1> 640 719
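Review bot: the added sect3 ships several grammar slips into the manual and leaves one relationship between the two new options unstated. Lines 647-648 should read "VBox should therefore not be affected (leaks only happen when entering and leaving C states)"; line 675 "on hosts affected"; line 679 "some OSes also offer ways to disable HT"; line 700 "similiar" should be "similar"; and "Mitigation option:" on line 652 is singular although two options follow. More importantly, the text calls --mds-clear-on-vm-entry the "more aggressive" option and --mds-clear-on-sched the default, but never says whether enabling the former replaces or supplements the latter, and it shows the on/off syntax only for --mds-clear-on-sched (line 710). Suggest a sentence stating how the two settings interact, a parallel example such as "VBoxManage modifyvm vmname --mds-clear-on-vm-entry on", and marking the placeholder "name" on line 710 as a placeholder (with whatever markup this manual uses for replaceable values elsewhere) so it is not read as a literal VM name.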