[Whonix-devel] Fwd: Re: DRAMA countermeasures
bancfc at openmailbox.org
Sun Aug 28 14:23:29 CEST 2016
-------- Original Message --------
Subject: Re: DRAMA countermeasures
Date: 2016-08-28 10:52
From: Daniel Gruss <gruss at tugraz.at>
To: bancfc at openmailbox.org
Cc: peter.pessl at iaik.tugraz.at, clementine.maurice at iaik.tugraz.at,
Stefan.Mangard at iaik.tugraz.at, whonix-devel at whonix.org
On 2016-08-27 21:05, bancfc at openmailbox.org wrote:
> With KVM, CPU instructions can be masked out by QEMU and not be
> available to guests. I already blacklisted clflush some time ago. The
> different variants of the tsc instruction are not passed through by
> default either.
That sounds very interesting. How does QEMU mask out instructions when
using KVM with hardware virtualization extensions?
> I was wondering how helpful all this is, and how much this remaining
> timer can aid attacks?
As long as the guest can have true multithreading, removing timers does
not make any difference.
See Section 3.3 of
https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_lipp.pdf
- Moritz and Clémentine will present this at BlackHat Europe in
November.
Even without any timers, multithreading allows one to obtain a sufficiently
accurate timestamp.
Cheers,
Daniel
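
An added example, not part of the original message or of Whonix's code: a guest-side check that lists which clflush- and TSC-related CPU flags are still advertised to each vCPU, as a way to confirm that the masking discussed above took effect. The watched flag list and the sample /proc/cpuinfo text are constructed for illustration; the check only reports what the guest is told through its flags line and does not test whether an instruction actually executes.

```python
import sys

# Linux /proc/cpuinfo flag names for the instructions discussed in the thread.
# This watch list is an assumption for the example, not a Whonix policy.
WATCHED = {"clflush", "clflushopt", "tsc", "rdtscp",
           "constant_tsc", "nonstop_tsc", "tsc_deadline_timer"}

# Constructed sample: vCPU 0 has the flags masked, vCPU 1 does not.
SAMPLE = """\
processor\t: 0
model name\t: QEMU Virtual CPU (constructed sample)
flags\t\t: fpu vme de pse msr pae mce cx8 apic sep pse36 mmx fxsr sse sse2 lm

processor\t: 1
model name\t: QEMU Virtual CPU (constructed sample)
flags\t\t: fpu vme de pse tsc msr pae cx8 clflush mmx sse sse2 rdtscp lm constant_tsc
"""


def visible_flags(cpuinfo_text, watched=WATCHED):
    """Return {vcpu_index: sorted watched flags still advertised to it}."""
    result = {}
    cpu = None
    for line in cpuinfo_text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # blank separator line between processors
        key, value = key.strip(), value.strip()
        if key == "processor":
            cpu = int(value)
            result[cpu] = []
        elif key == "flags" and cpu is not None:
            # Compare whole tokens so "constant_tsc" never counts as "tsc".
            result[cpu] = sorted(watched & set(value.split()))
    return result


if __name__ == "__main__":
    # Pass /proc/cpuinfo as the argument inside the guest; default is the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    leaked = False
    for cpu, flags in sorted(visible_flags(text).items()):
        print(f"vCPU {cpu}: {', '.join(flags) if flags else 'no watched flags visible'}")
        leaked = leaked or bool(flags)
    sys.exit(1 if leaked else 0)
```
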