Can Bochs VM help to avoid spectre and meltdown types of att


Post by romankqsok » 2019-02-07 10:29

Can Bochs full emulation prevent escaping from guest to host using Spectre-like vulnerabilities?


Post by GarryRicketson » 2019-02-07 13:34

Can Bochs VM help to avoid spectre and meltdown types of attack
The first hit: https://security.stackexchange.com/questions/176881/should-virtual-machines-be-patched-for-meltdown-and-spectre
So yes, the guest OS will be vulnerable to Meltdown and require patching independently of whether the hypervisor has been patched


Based on that, I would say no, Bochs VM cannot help to avoid Spectre and Meltdown types of attack.


Post by romankqsok » 2019-02-07 16:00

Does the ability of a guest to escape into the host address space depend on the type of virtualization?

For example, slow full emulation like in Bochs (when original CPU instructions are converted to other instructions before execution) vs. fast hardware virtualization (when CPU instructions are executed almost unchanged, just in another context), if I understand correctly?

What about full emulation of even another architecture? Say, fully emulating immune Cortex A53 virtual hardware on x86 hardware which is not immune to Spectre by itself?

Is it so easy to produce code for a Cortex A53 virtual guest CPU which would be translated into vulnerable hardware x86 host instructions?