Hi all !
I just wanna ask will be there some kind of special defense technique againt Spectre variants in virtual machines like some code obfuscation, or memory segment scrambling or native software emulation of CPU on critical points or just disable all HW assisted virtualization acceleration and enable full CPU FORCE software virtualization and render all CPU codes via software emulation ?
As far as I know VirtualBox currently affacted againt the all kind of Spetctre Variants in Virtual Guests even if ALL acceleration are disabled or even there is NO acceleration on the host at ALL.
Some kind of defense technique against Spectre variants
-
- Posts: 2
- Joined: 30. May 2018, 08:22
-
- Site Moderator
- Posts: 27330
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: Some kind of defense technique against Spectre variants
It's already here. Just search your searchable PDF version of the User Manual for "spec-ctrl". Since it's small enough, I'll include the related passage here:VirtualJoe2 wrote:will be there some kind of special defense technique againt Spectre variants in virtual machines
VBoxManage modifyvm <uuid|name> --spec-ctrl on|off--spec-ctrl on|off: This setting enables/disables exposing speculation control interfaces to the guest, provided they are available on the host. Depending on the host CPU and workload, enabling speculation control may significantly reduce performance.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.