VMSCAPE

VMSCAPE is a vulnerability that may allow a guest to influence the branch prediction in host userspace. It particularly affects hypervisors like QEMU.

Even if a hypervisor may not have any sensitive data like disk encryption keys, guest-userspace may be able to attack the guest-kernel using the hypervisor as a confused deputy.

Affected processors

The following CPU families are affected by VMSCAPE:

Intel processors:

  • Skylake generation (Parts without Enhanced-IBRS)

  • Cascade Lake generation - (Parts affected by ITS guest/host separation)

  • Alder Lake and newer (Parts affected by BHI)

Note that, BHI affected parts that use BHB clearing software mitigation e.g. Icelake are not vulnerable to VMSCAPE.

AMD processors:

  • Zen series (families 0x17, 0x19, 0x1a)

** Hygon processors:**

  • Family 0x18

Mitigation

Conditional IBPB

Kernel tracks when a CPU has run a potentially malicious guest and issues an IBPB before the first exit to userspace after VM-exit. If userspace did not run between VM-exit and the next VM-entry, no IBPB is issued.

Note that the existing userspace mitigation against Spectre-v2 is effective in protecting the userspace. They are insufficient to protect the userspace VMMs from a malicious guest. This is because Spectre-v2 mitigations are applied at context switch time, while the userspace VMM can run after a VM-exit without a context switch.

Vulnerability enumeration and mitigation is not applied inside a guest. This is because nested hypervisors should already be deploying IBPB to isolate themselves from nested guests.

SMT considerations

When Simultaneous Multi-Threading (SMT) is enabled, hypervisors can be vulnerable to cross-thread attacks. For complete protection against VMSCAPE attacks in SMT environments, STIBP should be enabled.

The kernel will issue a warning if SMT is enabled without adequate STIBP protection. Warning is not issued when:

  • SMT is disabled

  • STIBP is enabled system-wide

  • Intel eIBRS is enabled (which implies STIBP protection)

System information and options

The sysfs file showing VMSCAPE mitigation status is:

/sys/devices/system/cpu/vulnerabilities/vmscape

The possible values in this file are:

  • ‘Not affected’:

    The processor is not vulnerable to VMSCAPE attacks.

  • ‘Vulnerable’:

    The processor is vulnerable and no mitigation has been applied.

  • ‘Mitigation: IBPB before exit to userspace’:

    Conditional IBPB mitigation is enabled. The kernel tracks when a CPU has run a potentially malicious guest and issues an IBPB before the first exit to userspace after VM-exit.

  • ‘Mitigation: IBPB on VMEXIT’:

    IBPB is issued on every VM-exit. This occurs when other mitigations like RETBLEED or SRSO are already issuing IBPB on VM-exit.

Mitigation control on the kernel command line

The mitigation can be controlled via the vmscape= command line parameter:

  • vmscape=off:

    Disable the VMSCAPE mitigation.

  • vmscape=ibpb:

    Enable conditional IBPB mitigation (default when CONFIG_MITIGATION_VMSCAPE=y).

  • vmscape=force:

    Force vulnerability detection and mitigation even on processors that are not known to be affected.