RETBleed attack warning again

Discussions related to using VirtualBox on Linux hosts.
camvirt
Posts: 41
Joined: 25. Mar 2019, 01:14

RETBleed attack warning again

Post by camvirt »

I am using Mx-linux as a host and the version of Virtualbox is 6.1.22 and When I install a new Linux system guest I would see a ReTbleed attack error, which previously I correct by turning off the gust and issuing the command VBoxManage modifyvm "VM name" --spec-ctrl on which worked.

I tried to install Debian guest and the mesage still appears even after turning off the guest and issuing the command successfully.

MX-linux has not updated the version of Virtualbox why does it no longer work ?

orignal post
viewtopic.php?f=7&t=107103#p524017
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: RETBleed attack warning again

Post by scottgus1 »

Let's see if the command worked.

Right-click the VM in the main Virtualbox window's VM list, choose Show in Explorer/Finder/File Manager. Zip the VM's .vbox file (not the .vbox-prev file), and post the zip file, using the forum's Upload Attachment tab. (Configure your host OS to show all extensions if the folder that opens does not show a .vbox file.)
camvirt
Posts: 41
Joined: 25. Mar 2019, 01:14

Re: RETBleed attack warning again

Post by camvirt »

I have enclosed the zipped vbox file zipped and the list of current extensions. I have removed the VNC extension as I did not install it and do not know its funtion.
Attachments
Extensions
Extensions
virtualbox vnc extension.png (34.28 KiB) Viewed 3954 times
Debian32 (copy 1).vbox.zip
vbox zip
(1.59 KiB) Downloaded 10 times
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: RETBleed attack warning again

Post by scottgus1 »

the .vbox file wrote:<SpecCtrl enabled="true"/>
If I read this correctly, the command worked. A forum guru may explain more clearly what's going on. Also, since this VM may be a copy based on the name, try a fresh Debian VM with the command put in place before installing the OS, see if the same Debian message occurs.
camvirt
Posts: 41
Joined: 25. Mar 2019, 01:14

Re: RETBleed attack warning again

Post by camvirt »

This is a new Debian 32 bit install. the vbox is not a copy. When it starts up the error message appears. What do you mean put the command in front? The command is placed on the host which is a MX-21.
Attachments
spectre error message on guest.png
spectre error message on guest.png (7.45 KiB) Viewed 3921 times
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: RETBleed attack warning again

Post by scottgus1 »

camvirt wrote:This is a new Debian 32 bit install. the vbox is not a copy.
camvirt wrote:Debian32 (copy 1).vbox.zip
OK.
camvirt wrote:What do you mean put the command in front?
Language translation?
scottgus1 wrote:with the command put in place before installing the OS
After you make the new VM, before running the new VM to do the installation of Debian, run the command on the new VM. The new VM's .vbox file should have these lines:
<Hardware>
<CPU>
....
<SpecCtrl enabled="true"/>
This is speculation, on the guess that Debian may need a recalculation of its installation in some way if this spec ctrl is changed.

One other thing, this protection might be required on the host first.
camvirt
Posts: 41
Joined: 25. Mar 2019, 01:14

Re: RETBleed attack warning again

Post by camvirt »

The host mx-21 does have retbleed mitigation installed and confirmed via an app. I have reinstalled Debian32 bit and the same error occurs.

Note that when I implemented the command VBoxManage modifyvm "VM name" --spec-ctrl on it worked and the message did not appear. After installing this new version of Debian from scratch the Retbleed message appears.
camvirt
Posts: 41
Joined: 25. Mar 2019, 01:14

Re: RETBleed attack warning again

Post by camvirt »

Could "reset all warnings" be helpful incorrecting this retbleed meesage ?
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: RETBleed attack warning again

Post by scottgus1 »

Regrettably, I personally don't know anymore about fixing the retbleed issue. A forum guru might come along and weigh in.
camvirt wrote:Could "reset all warnings" be helpful incorrecting this retbleed meesage ?
If this is in the main Virtualbox window's File menu, then, no. This is for Virtualbox warnings, like the "This VM does not support Mouse Integration" or "How to get out of Scaled Mode", etc. The retbleed warning is inside the VM's OS, coming from the OS not Virtualbox.
fth0
Volunteer
Posts: 5668
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: RETBleed attack warning again

Post by fth0 »

As a general hint, VirtualBox only supports Linux kernel branches older than itself, on the host and in the guest. You should probably be running VirtualBox 6.1.40 on your host to support a newer Debian guest:

Linux kernels 5.19, 5.18, 5.17.12+ (e.g. Fedora 35 + 36), 5.15.44+ (e.g. Arch Linux 5.15.45-1-lts, Ubuntu 5.15.0-47.51) and 5.10.119+ (e.g. Debian Bullseye 5.10.0-15) and 5.4.200+ (e.g. Ubuntu 5.4.0-126.142) are only supported by VirtualBox 6.1.36 and newer.

When you're running a Debian guest in VirtualBox 6.1.40 and your problem persists, provide a (zipped) VBox.log file.
camvirt
Posts: 41
Joined: 25. Mar 2019, 01:14

Re: RETBleed attack warning again

Post by camvirt »

I am running Debian Kernel 5.10.0-19 and there was no Kernel changes since I issued the command which correct the initial Debian guest install.
There is no later version of Virtualbox available later than my current version 6.1.22 without me directly downloading.
See zip log.
Attachments
Debian32-2022-12-04-05-01-02.log.zip
debian log
(34.95 KiB) Downloaded 11 times
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: RETBleed attack warning again

Post by scottgus1 »

camvirt wrote:without me directly downloading.
That's what you'll have to do. You're running the Debian fork of Virtualbox, which isn't supported here. Please see https://www.virtualbox.org/wiki/Linux_Downloads and https://www.virtualbox.org/manual/ch02. ... linux-host
fth0
Volunteer
Posts: 5668
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: RETBleed attack warning again

Post by fth0 »

The Debian32-2022-12-04-05-01-02.log file shows a VM run where the speculation control interfaces have not been provided to the VM. Besides that, the VM has been restored from a saved state. You should bring the VM into the powered off state, then provide the speculation control interfaces and start the VM again.
camvirt
Posts: 41
Joined: 25. Mar 2019, 01:14

Re: RETBleed attack warning again

Post by camvirt »

If you mean entering the command VBoxManage modifyvm "VM name" --spec-ctrl after turning off the guest, That was done. As I said it worked before then the command stopped working.

If that is not what you mean please explain speculation control.
fth0
Volunteer
Posts: 5668
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: RETBleed attack warning again

Post by fth0 »

Yes, I meant that command (I tried to use the wording from the VirtualBox User Manual and just replaced "exposure" with "provide"). To rule out any potential mistake on your side, please do the following:

Bring the VM into the powered off state, use the VBoxManage command, start the VM again, shut it down again, and provide a zip file containing both the .vbox file and the VBox.log file.
Locked