Can Bochs VM help to avoid spectre and meltdown types of att
-
- Posts: 22
- Joined: 2019-01-06 15:04
Can Bochs VM help to avoid spectre and meltdown types of att
Can Bochs full emulation prevent escaping from guest to host using Spectre-like vulnerabilities?
- GarryRicketson
- Posts: 5644
- Joined: 2015-01-20 22:16
- Location: Durango, Mexico
Re: Can Bochs VM help to avoid spectre and meltdown types of
Can Bochs VM help to avoid spectre and meltdown types of attack
The first hit: https://security.stackexchange.com/ques ... nd-spectre
Based on that, I would say no, Bochs VM cannot help to avoid Spectre and Meltdown types of attack. So yes, the guest OS will be vulnerable to Meltdown and require patching independently of whether the hypervisor has been patched
"What we expect you have already Done"
==========
Old Website
======================
For the Birds
==================
What Does a Parrot Know About PTSD?
-
- Posts: 22
- Joined: 2019-01-06 15:04
Re: Can Bochs VM help to avoid spectre and meltdown types of
Does an ability of a guest to escape into the host address space depend on a type of virtualization?
For example, slow full emulation like in Bochs (when original CPU instructions are converted to other instructions before execution) vs fast hardware virtualization (when CPU instructions are executed almost unchanged, just in another context), if I understand correctly?
What about full emulation of even another architecture? Say, fully emulating immune Cortex A53 virtual hardware on x86 hardware which is not immune to Spectre by itself?
Is it so easy to produce code for a Cortex A53 virtual guest CPU which would be translated into vulnerable hardware x86 host instructions?