Opened 6 years ago
Last modified 4 years ago
#18477 reopened defect
Request for VBox to pass through Speculative Store Bypass (SSB) mitigations to guest => duplicate of #17987
| Reported by: | Thomas Stephen Lee | Owned by: | |
|---|---|---|---|
| Component: | other | Version: | VirtualBox 6.0.4 |
| Keywords: | Speculative Store Bypass | Cc: | |
| Guest type: | Linux | Host type: | Linux |
Description
Hi,
Using Host VirtualBox 6.0.4 on CentOS 7.6.
Guest also CentOS 7.6
On the Host
$ grep . /sys/devices/system/cpu/vulnerabilities/*
gives
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl and seccomp
but inside the Virtual Machine Guest
$ grep . /sys/devices/system/cpu/vulnerabilities/*
gives
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable
Kindly check.
Change History (7)
comment:1 by , 6 years ago
comment:2 by , 5 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Passing through CPU Spectre mitigations should be supported in recent VirtualBox releases, closing.
comment:3 by , 4 years ago
This is not fixed. Most Spectre mitigations are indeed supported but not Speculative Store Bypass:
Host (executed before starting VM):
$ vboxmanage modifyvm Ubuntu --spec-ctrl on
Guest:
$ lscpu | grep 'Spec store bypass' Vulnerability Spec store bypass: Vulnerable
Host:
$ lscpu | grep 'Spec store bypass' Vulnerability Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl and seccomp
For this vulnerability CPU flag ssbd must be exposed, but it's not the case with VirtualBox:
$ lscpu | grep -w -o -c ssbd 0
Host:
$ lscpu | grep -w -o -c ssbd 1
comment:4 by , 4 years ago
| Resolution: | fixed |
|---|---|
| Status: | closed → reopened |
The above is tested on VirtualBox 6.1.10:
$ apt list --installed virtualbox Listing... Done virtualbox/focal-updates,now 6.1.10-dfsg-1~ubuntu1.20.04.1 amd64 [installed]
According to https://www.virtualbox.org/wiki/Changelog there were no related changes in later releases.
comment:5 by , 4 years ago
| Resolution: | → duplicate |
|---|---|
| Status: | reopened → closed |
| Summary: | Virtual Machine Vulnerable while Host not Vulnerable → Request for VBox to pass through Speculative Store Bypass (SSB) mitigations to guest => duplicate of #17987 |
The mitigation for the Spectre/Meltdown issues documented in CVE-2017-5715 can be passed through to VirtualBox guests using:
VBoxManage modifyvm <VM name> --spec-ctrl on
This is documented in the VirtualBox manual:
https://www.virtualbox.org/manual/ch08.html
--spec-ctrl on|off: Enables and disables the exposure of speculation
control interfaces to the guest, provided they are available on the host. Depending on the host CPU and workload, enabling speculation control may significantly reduce performance.
and is available in VirtualBox 5.2.32 and later, 6.0.0 and later, and 6.1.0 and later.
The changes required for passing through the Speculative Store Bypass (SSB) (CVE-2018-3639) mitigations to VirtualBox guests have not been implemented yet. Closing this as a duplicate of ticket #17987 which was filed before this one.
comment:6 by , 4 years ago
| Resolution: | duplicate |
|---|---|
| Status: | closed → reopened |
@paulson, please pay attention. I confirmed here that with latest VirtualBox release and --spec-ctrl on virtual machines are STILL VULNERABLE to Speculative Store Bypass vulnerability. Reopening until some sane review is received.
comment:7 by , 4 years ago
I apologize, didn't read the last part of your reply. Ticket #17987 is about Spectre vulnerability, which is now mitigated properly in VirtualBox, so #17987 should actually be closed. This ticket is a feature request to add Speculative Store Bypass mitigation support and should remain open until it is implemented. Thank you.
Using Host VirtualBox 6.0.4 on Fedora 29.
Guest RHEL 8 Beta.
inside guest
$ grep . /sys/devices/system/cpu/vulnerabilities/*
gives
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable
Kindly check.