Some kind of defense technique against Spectre variants

Here you can provide suggestions on how to improve the product, website, etc.
Post Reply
VirtualJoe2
Posts: 2
Joined: 30. May 2018, 08:22

Some kind of defense technique against Spectre variants

Post by VirtualJoe2 »

Hi all !

I just wanna ask will be there some kind of special defense technique againt Spectre variants in virtual machines like some code obfuscation, or memory segment scrambling or native software emulation of CPU on critical points or just disable all HW assisted virtualization acceleration and enable full CPU FORCE software virtualization and render all CPU codes via software emulation ?

As far as I know VirtualBox currently affacted againt the all kind of Spetctre Variants in Virtual Guests even if ALL acceleration are disabled or even there is NO acceleration on the host at ALL.
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Some kind of defense technique against Spectre variants

Post by socratis »

VirtualJoe2 wrote:will be there some kind of special defense technique againt Spectre variants in virtual machines
It's already here. Just search your searchable PDF version of the User Manual for "spec-ctrl". Since it's small enough, I'll include the related passage here:
VBoxManage modifyvm <uuid|name>
           --spec-ctrl on|off
--spec-ctrl on|off: This setting enables/disables exposing speculation control interfaces to the guest, provided they are available on the host. Depending on the host CPU and workload, enabling speculation control may significantly reduce performance.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Post Reply