QSB #053: TSX Asynchronous Abort speculative side channel (XSA-305)

49 views
Skip to first unread message

Andrew David Wong

unread,
Nov 14, 2019, 8:42:18 AM11/14/19
to qubes-a...@googlegroups.com, qubes...@googlegroups.com, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Dear Qubes Community,

We have just published Qubes Security Bulletin (QSB) #053: TSX
Asynchronous Abort speculative side channel (XSA-305). The text of this
QSB is reproduced below. This QSB and its accompanying signatures will
always be available in the Qubes Security Pack (qubes-secpack).

View QSB #053 in the qubes-secpack:

https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-053-2019.txt

Learn about the qubes-secpack, including how to obtain, verify, and read it:

https://www.qubes-os.org/security/pack/

View all past QSBs:

https://www.qubes-os.org/security/bulletins/

```


---===[ Qubes Security Bulletin #53 ]===---

2019-11-13


TSX Asynchronous Abort speculative side channel (XSA-305)

Summary
========

On 2019-11-12, the Xen Security Team published Xen Security Advisory
305 (CVE-2019-11135 / XSA-305) [1] with the following description:

| This is very closely related to the Microarchitectural Data Sampling
| vulnerabilities from May 2019.
|
| Please see https://xenbits.xen.org/xsa/advisory-297.html for details
| about MDS.
|
| A new way to sample data from microarchitectural structures has been
| identified. A TSX Asynchronous Abort is a state which occurs between a
| transaction definitely aborting (usually for reasons outside of the
| pipeline's control e.g. receiving an interrupt), and architectural state
| being rolled back to start of the transaction.
|
| During this period, speculative execution may be able to infer the value
| of data in the microarchitectural structures.
|
| For more details, see:
| https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort
|
| An attacker, which could include a malicious untrusted user process on a
| trusted guest, or an untrusted guest, can sample the content of
| recently-used memory operands and IO Port writes.
|
| This can include data from:
|
| * A previously executing context (process, or guest, or
| hypervisor/toolstack) at the same privilege level.
| * A higher privilege context (kernel, hypervisor, SMM) which
| interrupted the attacker's execution.
|
| Vulnerable data is that on the same physical core as the attacker. This
| includes, when hyper-threading is enabled, adjacent threads.
|
| An attacker cannot use this vulnerability to target specific data. An
| attack would likely require sampling over a period of time and the
| application of statistical methods to reconstruct interesting data.

This is yet another CPU hardware bug related to speculative execution.

Only Intel processors which support TSX and have hardware mitigation
against MDS are affected (see the XSA and the Intel advisory linked
above for details and a list of affected processor families).

Note: There was no embargo period for this XSA.

Patching
=========

The Xen Project has provided patches that mitigate this issue. A CPU
microcode update is required to take advantage of them. Note that
microcode updates may not be available for older CPUs. (See the Intel
advisory linked above for details.)

The specific packages that resolve the problems discussed in this
bulletin are as follows:

For Qubes 4.0:
- Xen packages, version 4.8.5-12
- microcode_ctl 2.1-29.qubes1

The packages are to be installed in dom0 via the Qubes VM Manager or via
the qubes-dom0-update command as follows:

For updates from the stable repository (not immediately available):
$ sudo qubes-dom0-update

For updates from the security-testing repository:
$ sudo qubes-dom0-update --enablerepo=qubes-dom0-security-testing

A system restart will be required afterwards.

These packages will migrate from the security-testing repository to the
current (stable) repository over the next two weeks after being tested
by the community.

If you use Anti Evil Maid, you will need to reseal your secret
passphrase to new PCR values, as PCR18+19 will change due to the new
Xen binaries.

Credits
========

See the original Xen Security Advisory.

References
===========

[1] https://xenbits.xen.org/xsa/advisory-305.html

- --
The Qubes Security Team
https://www.qubes-os.org/security/
```

This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2019/11/13/qsb-053/

- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAl3NWa4ACgkQ203TvDlQ
MDDHSQ/+JMTkDECEu8z2TuUQRfWmP+h3xqTAYVCkS3uCY7CEmXo34zdcz7NxEGZq
pruHXGMB/EgVG7GCurN6HKRXStjGf0qhK/Jw/J8Zw9QND4kI38JV8ohmuhBJU8Mc
3HVoTLFtjOlnzf8CEJR7977uo4O3C+PLg//zfUZv/Z3RNZN0fhSuWTWnO5m55tC9
ATNzZL/UKoaZmXnvOv05q7olE+fFcdTzn9kNm4QUVkM+Z/NfwdjnTZT2Hjpooe3Y
4SDxKJ2bqKxMGcw80qPjss+gXmqu7+Lsfwzdn2qdZtYhE4cDYDnklPaJQ1kc+5PO
CkSr8jCGn8fDBGu3jao4ASQ12wAT4eXj39KSxZgXAwwxkYYlqh5ts8ZTyOcVHWoc
qUw0/sE0iRDeOMdbayo83xfOki95GkMNELB7gJ0rv69R3cfOPTZDwchXpQJ1Pbpy
2GzbNPSPv7vaDjwuFsHOKoro21fyXJa3seTiTukXbJvvnCxKpEhS7yIbX8N7jwzJ
aavQ8EHFkXY7O1uxd+spqNqfkK7I1XWmQ4Aao4rWS/WMWT1Zj6BZRM98ewEmyECr
j5fEdVa52KMC6P62bb2n4zPS0+ugPg+kbcBugoyK+wnRCZzWWkWmr3Jk31PR7vcu
yy2205sbYsW+H8TbsYEu3h1wk3g03L7Z93CxmMyHdcjG9F8P1jQ=
=SoLf
-----END PGP SIGNATURE-----

Chris Laprise

unread,
Nov 14, 2019, 9:51:03 AM11/14/19
to qubes...@googlegroups.com, Andrew David Wong
One of the packages came down with an incorrect signature:

*** ERROR while receiving updates:
Error while verifing kernel-4.19.82-1.pvops.qubes.x86_64.rpm signature:
/var/lib/qubes/updates/rpm/kernel-4.19.82-1.pvops.qubes.x86_64.rpm: rsa
sha1 (MD5) PGP MD5 NOT OK


I'm not sure if that kernel is necessary for the patch, but that is what
downloaded when I specified qubes-dom0-security-testing.

--

Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886

Andrew David Wong

unread,
Nov 15, 2019, 3:01:21 AM11/15/19
to Chris Laprise, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2019-11-14 8:50 AM, Chris Laprise wrote:
> One of the packages came down with an incorrect signature:
>
> *** ERROR while receiving updates: Error while verifing
> kernel-4.19.82-1.pvops.qubes.x86_64.rpm signature:
> /var/lib/qubes/updates/rpm/kernel-4.19.82-1.pvops.qubes.x86_64.rpm:
> rsa sha1 (MD5) PGP MD5 NOT OK
>
>
> I'm not sure if that kernel is necessary for the patch, but that is
> what downloaded when I specified qubes-dom0-security-testing.
>

I was not able to reproduce this when updating over clearnet. Have you
tried restarting your UpdateVM and trying again?

- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAl3OW0EACgkQ203TvDlQ
MDAq5Q//QGHZX8G82QdM8+7pdR2itVb16vZkufiIfEApRUSR8Gp3BJvBb2tqv08/
mizpzL0nDAJ/WaZtb0wZSr2qXzMcZq88n3cLBIOxdWbTbjG9sIePAPOqg8jZT8p2
k6y+lG/YpdiRqtzEFyap/7afh+y0jBW9/vsG5f0RQ38ytxa6+/WW9Pm+v0Y+oy7n
+8E0NoBU9I9nu3Ek/jrX9p23Fynv25ekT2lgeIVwsuYT0fCGEeqZ2PJY51TJxlHd
jPxbmUXFUjFH5pmxJR9VD1D+pTko1T+bYFo5KCN7qZrSzUGShx5OrYEb7J41K3gV
4x1NnCe3NrdRl06IU9RIZ3KvlBzE5zCzEUt9czHT/GXhuSiUd1Qub+F+j95WpPOE
zlipgLWcplqgz8rHA9AAeF2sSBMsJCqtND3m3Bh9xQFeMtURblmHQpo2yyYWERA1
vIkF21ofufyLA3T2CcTrt6B0dcPxmjKlTxQPx/kdi6/D5dTrAuNuGxBu9h9ZcQSv
nizBPtreLqxGwYWcHPAjKRKYN9oAjcXu/AcpB9Go9jjTIGlDAkaZL0aB3fitloTo
di2S2IrgOc8cmuYYB2Ix4qnADlkSTCByjI/hLlPPni/3Zb8g/GyTypC5pjOhoKYM
lX5q+vDDjkIviVSu/dqIL6k2QIee6HEY6KPG3f1anCLSs+4T5dM=
=wsoP
-----END PGP SIGNATURE-----

Chris Laprise

unread,
Nov 15, 2019, 5:28:24 AM11/15/19
to Andrew David Wong, qubes...@googlegroups.com
On 11/15/19 3:01 AM, Andrew David Wong wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 2019-11-14 8:50 AM, Chris Laprise wrote:
>> One of the packages came down with an incorrect signature:
>>
>> *** ERROR while receiving updates: Error while verifing
>> kernel-4.19.82-1.pvops.qubes.x86_64.rpm signature:
>> /var/lib/qubes/updates/rpm/kernel-4.19.82-1.pvops.qubes.x86_64.rpm:
>> rsa sha1 (MD5) PGP MD5 NOT OK
>>
>>
>> I'm not sure if that kernel is necessary for the patch, but that is
>> what downloaded when I specified qubes-dom0-security-testing.
>>
>
> I was not able to reproduce this when updating over clearnet. Have you
> tried restarting your UpdateVM and trying again?

Thanks. It worked after I did an 'action=clear all'.

Steve Coleman

unread,
Nov 15, 2019, 8:32:03 AM11/15/19
to qubes...@googlegroups.com
On 2019-11-15 05:28, Chris Laprise wrote:
> On 11/15/19 3:01 AM, Andrew David Wong wrote:

>> On 2019-11-14 8:50 AM, Chris Laprise wrote:
>>> One of the packages came down with an incorrect signature:
>>>
>>> *** ERROR while receiving updates: Error while verifing
>>> kernel-4.19.82-1.pvops.qubes.x86_64.rpm signature:
>>> /var/lib/qubes/updates/rpm/kernel-4.19.82-1.pvops.qubes.x86_64.rpm:
>>> rsa sha1 (MD5) PGP MD5 NOT OK

>> I was not able to reproduce this when updating over clearnet. Have you
>> tried restarting your UpdateVM and trying again?
>
> Thanks. It worked after I did an 'action=clear all'.

Not sure if it is the exact same issue as here, but I had a similar
problem on my home Qubes4 system just last night.

My GPG issue has to do with the sys-firewall / system disk volume
filling up during the download phase, thus the GPG check on the kernel
package was failing. This is likely just a coincidence only because the
kernel package is a fairly large one, and more likely to run out of
space when downloading it.

I have since bumped up both the sys-firewall private and system storage
size,cleared the cached packages using the dom0 --action="clear all",
used sys-firewall local dnf "clear all", restarted networking vm's,
even restarted the physical machine, and yet all that still did not
resolve my update issues. My sys-firewall VM / is still around 98% full,
with not enough room for completing any of my required updates.

I'll be looking into this later tonight to see if I can't figure out
what is filling that volume and why that / volume does not seem to be
expanding properly. I have not added anything to that sys-firewall
volume myself so I have no clue why it suddenly filled up to that point
and thus broke _all_ my updates.





Reply all
Reply to author
Forward
0 new messages