[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-ppc] [Qemu-devel] [PULL 00/60] ppc-for-4.0 queue 20190310

From: Alex Bennée
Subject: Re: [Qemu-ppc] [Qemu-devel] [PULL 00/60] ppc-for-4.0 queue 20190310
Date: Tue, 12 Mar 2019 19:23:36 +0000
User-agent: mu4e 1.1.0; emacs 26.1

David Gibson <address@hidden> writes:

> On Tue, Mar 12, 2019 at 10:01:45AM +0000, Peter Maydell wrote:
>> On Tue, 12 Mar 2019 at 03:34, David Gibson <address@hidden> wrote:
>> > Ok, done.  As a rule these warnings are there intentionally for TCG -
>> > we want to enable Spectre/Meltdown mitigations by default, but no-one
>> > really knows if and how to implement them for TCG.
>> For the Arm "block speculation" type instructions what we did was
>> say "TCG's execution doesn't speculate in a relevant way, and
>> we treat the TCG backends as not a security boundary anyway,
>> so we'll end the TB and put in a memory barrier and call that
>> sufficient". That is, they're provided for the benefit of
>> emulating guest OSes that use them, rather than because they
>> make a difference from a security perspective.
>> I don't know exactly what the semantics of the PPC mitigations
>> are, but we should probably think about and document a coherent
>> position on this for TCG.
> Yes, but this requires input from someone who understands both Spectre
> and TCG well enough, which I am not.

Someone applying for one of the outreach projects mentioned another
attack vector "side-channel leakages in qemu translation from ARM to
x86" to which I replied the same "not a security boundary" response. But
I guess there are some papers being written around this subject.

Alex Bennée

reply via email to

[Prev in Thread] Current Thread [Next in Thread]