RETBleed attack warning again
RETBleed attack warning again
I am using Mx-linux as a host and the version of Virtualbox is 6.1.22 and When I install a new Linux system guest I would see a ReTbleed attack error, which previously I correct by turning off the gust and issuing the command VBoxManage modifyvm "VM name" --spec-ctrl on which worked.
I tried to install Debian guest and the mesage still appears even after turning off the guest and issuing the command successfully.
MX-linux has not updated the version of Virtualbox why does it no longer work ?
orignal post
viewtopic.php?f=7&t=107103#p524017
I tried to install Debian guest and the mesage still appears even after turning off the guest and issuing the command successfully.
MX-linux has not updated the version of Virtualbox why does it no longer work ?
orignal post
viewtopic.php?f=7&t=107103#p524017
-
- Site Moderator
- Posts: 20965
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: RETBleed attack warning again
Let's see if the command worked.
Right-click the VM in the main Virtualbox window's VM list, choose Show in Explorer/Finder/File Manager. Zip the VM's .vbox file (not the .vbox-prev file), and post the zip file, using the forum's Upload Attachment tab. (Configure your host OS to show all extensions if the folder that opens does not show a .vbox file.)
Right-click the VM in the main Virtualbox window's VM list, choose Show in Explorer/Finder/File Manager. Zip the VM's .vbox file (not the .vbox-prev file), and post the zip file, using the forum's Upload Attachment tab. (Configure your host OS to show all extensions if the folder that opens does not show a .vbox file.)
Re: RETBleed attack warning again
I have enclosed the zipped vbox file zipped and the list of current extensions. I have removed the VNC extension as I did not install it and do not know its funtion.
- Attachments
-
- Extensions
- virtualbox vnc extension.png (34.28 KiB) Viewed 3961 times
-
- Debian32 (copy 1).vbox.zip
- vbox zip
- (1.59 KiB) Downloaded 10 times
-
- Site Moderator
- Posts: 20965
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: RETBleed attack warning again
If I read this correctly, the command worked. A forum guru may explain more clearly what's going on. Also, since this VM may be a copy based on the name, try a fresh Debian VM with the command put in place before installing the OS, see if the same Debian message occurs.the .vbox file wrote:<SpecCtrl enabled="true"/>
Re: RETBleed attack warning again
This is a new Debian 32 bit install. the vbox is not a copy. When it starts up the error message appears. What do you mean put the command in front? The command is placed on the host which is a MX-21.
- Attachments
-
- spectre error message on guest.png (7.45 KiB) Viewed 3928 times
-
- Site Moderator
- Posts: 20965
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: RETBleed attack warning again
camvirt wrote:This is a new Debian 32 bit install. the vbox is not a copy.
OK.camvirt wrote:Debian32 (copy 1).vbox.zip
Language translation?camvirt wrote:What do you mean put the command in front?
After you make the new VM, before running the new VM to do the installation of Debian, run the command on the new VM. The new VM's .vbox file should have these lines:scottgus1 wrote:with the command put in place before installing the OS
This is speculation, on the guess that Debian may need a recalculation of its installation in some way if this spec ctrl is changed.<Hardware>
<CPU>
....
<SpecCtrl enabled="true"/>
One other thing, this protection might be required on the host first.
Re: RETBleed attack warning again
The host mx-21 does have retbleed mitigation installed and confirmed via an app. I have reinstalled Debian32 bit and the same error occurs.
Note that when I implemented the command VBoxManage modifyvm "VM name" --spec-ctrl on it worked and the message did not appear. After installing this new version of Debian from scratch the Retbleed message appears.
Note that when I implemented the command VBoxManage modifyvm "VM name" --spec-ctrl on it worked and the message did not appear. After installing this new version of Debian from scratch the Retbleed message appears.
Re: RETBleed attack warning again
Could "reset all warnings" be helpful incorrecting this retbleed meesage ?
-
- Site Moderator
- Posts: 20965
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: RETBleed attack warning again
Regrettably, I personally don't know anymore about fixing the retbleed issue. A forum guru might come along and weigh in.
If this is in the main Virtualbox window's File menu, then, no. This is for Virtualbox warnings, like the "This VM does not support Mouse Integration" or "How to get out of Scaled Mode", etc. The retbleed warning is inside the VM's OS, coming from the OS not Virtualbox.camvirt wrote:Could "reset all warnings" be helpful incorrecting this retbleed meesage ?
-
- Volunteer
- Posts: 5668
- Joined: 14. Feb 2019, 03:06
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Linux, Windows 10, ...
- Location: Germany
Re: RETBleed attack warning again
As a general hint, VirtualBox only supports Linux kernel branches older than itself, on the host and in the guest. You should probably be running VirtualBox 6.1.40 on your host to support a newer Debian guest:
Linux kernels 5.19, 5.18, 5.17.12+ (e.g. Fedora 35 + 36), 5.15.44+ (e.g. Arch Linux 5.15.45-1-lts, Ubuntu 5.15.0-47.51) and 5.10.119+ (e.g. Debian Bullseye 5.10.0-15) and 5.4.200+ (e.g. Ubuntu 5.4.0-126.142) are only supported by VirtualBox 6.1.36 and newer.
When you're running a Debian guest in VirtualBox 6.1.40 and your problem persists, provide a (zipped) VBox.log file.
Linux kernels 5.19, 5.18, 5.17.12+ (e.g. Fedora 35 + 36), 5.15.44+ (e.g. Arch Linux 5.15.45-1-lts, Ubuntu 5.15.0-47.51) and 5.10.119+ (e.g. Debian Bullseye 5.10.0-15) and 5.4.200+ (e.g. Ubuntu 5.4.0-126.142) are only supported by VirtualBox 6.1.36 and newer.
When you're running a Debian guest in VirtualBox 6.1.40 and your problem persists, provide a (zipped) VBox.log file.
Re: RETBleed attack warning again
I am running Debian Kernel 5.10.0-19 and there was no Kernel changes since I issued the command which correct the initial Debian guest install.
There is no later version of Virtualbox available later than my current version 6.1.22 without me directly downloading.
See zip log.
There is no later version of Virtualbox available later than my current version 6.1.22 without me directly downloading.
See zip log.
- Attachments
-
- Debian32-2022-12-04-05-01-02.log.zip
- debian log
- (34.95 KiB) Downloaded 11 times
-
- Site Moderator
- Posts: 20965
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: RETBleed attack warning again
That's what you'll have to do. You're running the Debian fork of Virtualbox, which isn't supported here. Please see https://www.virtualbox.org/wiki/Linux_Downloads and https://www.virtualbox.org/manual/ch02. ... linux-hostcamvirt wrote:without me directly downloading.
-
- Volunteer
- Posts: 5668
- Joined: 14. Feb 2019, 03:06
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Linux, Windows 10, ...
- Location: Germany
Re: RETBleed attack warning again
The Debian32-2022-12-04-05-01-02.log file shows a VM run where the speculation control interfaces have not been provided to the VM. Besides that, the VM has been restored from a saved state. You should bring the VM into the powered off state, then provide the speculation control interfaces and start the VM again.
Re: RETBleed attack warning again
If you mean entering the command VBoxManage modifyvm "VM name" --spec-ctrl after turning off the guest, That was done. As I said it worked before then the command stopped working.
If that is not what you mean please explain speculation control.
If that is not what you mean please explain speculation control.
-
- Volunteer
- Posts: 5668
- Joined: 14. Feb 2019, 03:06
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Linux, Windows 10, ...
- Location: Germany
Re: RETBleed attack warning again
Yes, I meant that command (I tried to use the wording from the VirtualBox User Manual and just replaced "exposure" with "provide"). To rule out any potential mistake on your side, please do the following:
Bring the VM into the powered off state, use the VBoxManage command, start the VM again, shut it down again, and provide a zip file containing both the .vbox file and the VBox.log file.
Bring the VM into the powered off state, use the VBoxManage command, start the VM again, shut it down again, and provide a zip file containing both the .vbox file and the VBox.log file.