[Whonix-devel] Fwd: Re: DRAMA countermeasures
bancfc at openmailbox.org
Wed Aug 24 13:33:19 CEST 2016
-------- Original Message --------
Subject: Re: DRAMA countermeasures
Date: 2016-08-23 10:12
From: Daniel Gruss <gruss at tugraz.at>
To: bancfc at openmailbox.org, peter.pessl at iaik.tugraz.at
Cc: clementine.maurice at iaik.tugraz.at, Stefan.Mangard at iaik.tugraz.at,
whonix-devel at whonix.org
On 23.08.2016 00:34, bancfc at openmailbox.org wrote:
> Very neat attack. We are looking at the options for countermeasures.[1]
Thank You!
> Please feel free to correct me, the options are:
>
> * Running stress -m 2 in parallel
At least -m2, or even more, depending on the system. And I'm not
convinced that will reliably prevent attacks. We have seen both the
covert and side channel being able to work in the presence of some
noise. Even if reliability goes down it might not make an attack
impossible. And, stress -m 2 is rather expensive.
> * NUMA with non-interleaved memory combined with CPU pinning
Yes.
> I prefer option two because it's less resource intensive. However most
> commodity (non-server) PCs have only a single NUMA node. Can this be
> used meaningfully to prevent this attack?
Keeping tenants on different NUMA nodes with non-interleaved memory is
effective to prevent the attack.
If the system has only a single NUMA node, it's more difficult.
> You don't have to but I'd appreciate if you give an example Libvirt
> config [2] (for a system with 4 pCPUs one NUMA node) that defends
> against DRAMA successfully.
Sorry, not much experience with libvirt ;)
Important part is that the VMs on the different CPUs cannot access
memory of the other CPU. Then you prevent all cross-CPU DRAM attacks.
If you have any other questions, feel free to ask!
Cheers,
Daniel
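The thread asks for a libvirt config that keeps tenants on separate NUMA nodes with non-interleaved memory, which is the setup Daniel calls effective. The following is an added example, not Daniel's or the Whonix project's own config, and it assumes a host that differs from the one bancfc described: two NUMA nodes (host CPUs 0-1 and their DIMMs on node 0, CPUs 2-3 and their DIMMs on node 1) with node interleaving disabled in firmware. The thread gives no recipe for a single-node host, and this example does not claim to be one. Domain names (tenant-a, tenant-b), memory sizes and the omitted disk and network sections are placeholders.

```xml
<!-- Added example: two domain definitions, save each as its own file and
     load with "virsh define". Assumes a two-node host, nodes 0 and 1,
     with firmware node interleaving disabled (assumption, not from thread). -->

<!-- tenant-a: vCPUs, emulator threads and all guest RAM confined to node 0 -->
<domain type='kvm'>
  <name>tenant-a</name>
  <memory unit='MiB'>2048</memory>
  <os>
    <type arch='x86_64'>hvm</type>
  </os>
  <!-- placement='static' + cpuset: vCPU threads may only run on host CPUs 0-1 -->
  <vcpu placement='static' cpuset='0-1'>2</vcpu>
  <cputune>
    <vcpupin vcpu='0' cpuset='0'/>
    <vcpupin vcpu='1' cpuset='1'/>
    <!-- QEMU's own I/O and emulator threads stay on node 0 cores as well -->
    <emulatorpin cpuset='0-1'/>
  </cputune>
  <numatune>
    <!-- mode='strict': allocations come only from node 0; they fail rather
         than silently spill onto node 1, so the two tenants never share DIMMs -->
    <memory mode='strict' nodeset='0'/>
  </numatune>
  <devices>
    <!-- disks, NICs, etc. omitted (placeholder) -->
  </devices>
</domain>

<!-- tenant-b: the mirror image, confined to node 1 -->
<domain type='kvm'>
  <name>tenant-b</name>
  <memory unit='MiB'>2048</memory>
  <os>
    <type arch='x86_64'>hvm</type>
  </os>
  <vcpu placement='static' cpuset='2-3'>2</vcpu>
  <cputune>
    <vcpupin vcpu='0' cpuset='2'/>
    <vcpupin vcpu='1' cpuset='3'/>
    <emulatorpin cpuset='2-3'/>
  </cputune>
  <numatune>
    <memory mode='strict' nodeset='1'/>
  </numatune>
  <devices>
    <!-- disks, NICs, etc. omitted (placeholder) -->
  </devices>
</domain>
```

Before relying on this, confirm the host actually exposes two nodes: `numactl --hardware` should list two nodes with the expected CPU ranges and separate memory sizes; if firmware interleaving is on, it reports a single node and the nodeset split above is meaningless. After starting both guests, `virsh vcpuinfo tenant-a` shows the effective CPU affinity of each vCPU, and `virsh numatune tenant-a` shows the nodeset in force; `numastat -p <qemu pid>` shows where the guest's pages actually landed. The `strict` mode is deliberate: `preferred` would let a memory-pressured guest borrow pages from the other node, which is exactly the cross-node sharing the thread says must be prevented.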