Guest systems see CPU of the host

Hello,
In earlier versions of VirtualBox there was a ‘--synthcpu on|off’ option that made the host CPU ‘generic’ (something like ‘Virtualbox CPU’ or similar) for the guest. But starting from 5.0.0 that option was removed (why?) and the host CPU is visible (all, Windows, Whonix-Workstation, Whonix-Gateway). However, the latest manual contains that option (p. 131). Maybe it’s simply a bug…

Also I was trying qemu. But it’s similar, Whonix-Workstation/Whonix-Gateway can view host CPU through /proc/cpuinfo (vendor, cpu family, etc).

How important is information about the CPU with regard to anonymity?

There was no deliberate change from Whonix side.

Once the VM is compromised, it’s better if such information from the system is hidden.

CPU information is masked in KVM settings.

Is that it?

or what option?

Good you’re asking!

No. (Whonix Forum)

This:

Use the XML settings that come with the qcow images and it will be configured already.

If I understand correctly, you are talking about using KVM/QEMU with “VirtualBox GUI”?
How to prepare “separate VB GUI”?

Is there a description anywhere? The wiki is empty.

SDi wrote:
> If I understand correctly, you are talking about using KVM/QEMU with “VirtualBox GUI”?
> How to prepare “separate VB GUI”?

Forget about this. I was referring to something wrong. (You were not using VirtualBox. So all right. That post only says “leave VirtualBox settings as is, don’t set VirtualBox to KVM”.)

SDi wrote:
> HulaHoop wrote:
> > Use the XML settings that come with the qcow images and it will be configured already.
>
> Is there a description anywhere? The wiki is empty.

It’s included in the downloadable ‘.libvirt.xz’ files. Just follow Whonix ™ for KVM from top to bottom and you won’t be missing it.

Not that.
I have done everything according to the wiki (default). I didn’t change anything in the XML. And when I start the Gateway, it shows me (via /proc/cpuinfo) the host CPU vendor and family.
So, if there is a possibility to hide the CPU model by changing Whonix-Gateway-xxx.xml, what should I write?
The third line of XML is:

<description>Do not change any settings if you do not understand the consequences! Learn more: https://www.whonix.org/wiki/KVM#XML_Settings</description>

And the link (Whonix for KVM) gives me:
TODO: Soon here xml settings will be explained here.

So where can I “Learn more”? :slight_smile:
That’s it.

When I tested this before the host CPU serial number was not exposed in the guest and had different spoofed numbers.

What is not hidden, however, is the particular manufacturer of your CPU, aka the VendorID. This can be forced but I don’t see the benefit. By default the CPU Family is chosen to be the one closest to the host’s to expose as much functionality to the guest as possible. This too can be changed but it might prevent certain things like nested virtualization from working. I will not set these defaults unless you test that they don’t break nested virtualization.

More information on settings here:
https://wiki.openstack.org/wiki/LibvirtXMLCPUModel

Looks like “synthcpu” option was not removed from VirtualBox, but replaced with “cpuid-portability-level” (which is not mentioned in manuals yet).

Thanks. Created ⚓ T408 --synthcpu was removed from VirtualBox, use --cpuid-portability-level or --cpuidremoveall? for it. Note, no one is currently concentrating on VirtualBox, so don’t hold your breath for this.

I’ve updated the ticket.

https://phabricator.whonix.org/T408

Please help testing this.

  • Run inside Whonix-Workstation:

cat /proc/cpuinfo

  • Save that output.

  • Please try with the latest version of VirtualBox. At least version 5.

  • Shut down Whonix-Workstation. (Most likely required.)

  • On the host. Run without root. Run as normal user:

VBoxManage modifyvm Whonix-Workstation --cpuidremoveall

  • Start Whonix-Workstation. Run cat /proc/cpuinfo again. Compare. See if there is any improvement.
  • Keep this option and see if anything else breaks. I.e. if performance got worse. Or if any applications no longer work. No leaks expected since it’s an unrelated option.

@nurmagoz @Corrupt_Correct_Pig

This experiment should be done inside Debian + VBox + Whonix, right?

Yes, it should be.

Hmm, well, I don’t think I have seen anything different. Nothing breaks, nor has performance gotten worse. I’m using 5.0.10 vbox + debian 8.2 + whonix 12.

  • cpu test 1:- (before VBoxManage modifyvm Whonix-Workstation --cpuidremoveall)

processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 37
model name : Intel(R) Core(TM) i5 CPU M 580 @ 2.67GHz
stepping : 5
microcode : 0x616
cpu MHz : 2659.899
cache size : 3072 KB
physical id : 0
siblings : 1
core id : 0
cpu cores : 1
apicid : 0
initial apicid : 0
fdiv_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx lm constant_tsc xtopology nonstop_tsc pni monitor lahf_lm
bogomips : 5319.79
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

  • cpu test 2 (after VBoxManage modifyvm Whonix-Workstation --cpuidremoveall + shutdown the WS)

processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 37
model name : Intel(R) Core(TM) i5 CPU M 580 @ 2.67GHz
stepping : 5
microcode : 0x616
cpu MHz : 2660.690
cache size : 3072 KB
physical id : 0
siblings : 1
core id : 0
cpu cores : 1
apicid : 0
initial apicid : 0
fdiv_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx lm constant_tsc xtopology nonstop_tsc pni monitor lahf_lm
bogomips : 5321.38
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

  • this is from KVM + whonix 12 (cat /proc/cpuinfo inside WS)

processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 6
model name : QEMU Virtual CPU version 2.1.2
stepping : 3
microcode : 0x1
cpu MHz : 2659.914
cache size : 4096 KB
physical id : 0
siblings : 1
core id : 0
cpu cores : 1
apicid : 0
initial apicid : 0
fdiv_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 4
wp : yes
flags : fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pse36 clflush mmx fxsr sse sse2 syscall nx lm pni cx16 x2apic popcnt hypervisor lahf_lm
bogomips : 5319.82
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management:

processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 6
model name : QEMU Virtual CPU version 2.1.2
stepping : 3
microcode : 0x1
cpu MHz : 2659.914
cache size : 4096 KB
physical id : 1
siblings : 1
core id : 0
cpu cores : 1
apicid : 1
initial apicid : 1
fdiv_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 4
wp : yes
flags : fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pse36 clflush mmx fxsr sse sse2 syscall nx lm pni cx16 x2apic popcnt hypervisor lahf_lm
bogomips : 1945.60
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management:

  • from whonix 12 WS - qubes Q3 “cat /proc/cpuinfo” (different PC)

processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 60
model name : Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
stepping : 3
microcode : 0x17
cpu MHz : 2494.312
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 1
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm ida arat epb pln pts dtherm fsgsbase bmi1 avx2 bmi2 erms xsaveopt
bugs :
bogomips : 4988.62
clflush size : 64
cache_alignment : 64
address sizes : 39 bits physical, 48 bits virtual
power management:

processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 60
model name : Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
stepping : 3
microcode : 0x17
cpu MHz : 2494.312
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 1
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm ida arat epb pln pts dtherm fsgsbase bmi1 avx2 bmi2 erms xsaveopt
bugs :
bogomips : 4988.62
clflush size : 64
cache_alignment : 64
address sizes : 39 bits physical, 48 bits virtual
power management:

processor : 2
vendor_id : GenuineIntel
cpu family : 6
model : 60
model name : Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
stepping : 3
microcode : 0x17
cpu MHz : 2494.312
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 1
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm ida arat epb pln pts dtherm fsgsbase bmi1 avx2 bmi2 erms xsaveopt
bugs :
bogomips : 4988.62
clflush size : 64
cache_alignment : 64
address sizes : 39 bits physical, 48 bits virtual
power management:

processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 60
model name : Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
stepping : 3
microcode : 0x17
cpu MHz : 2494.312
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 1
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm ida arat epb pln pts dtherm fsgsbase bmi1 avx2 bmi2 erms xsaveopt
bugs :
bogomips : 4988.62
clflush size : 64
cache_alignment : 64
address sizes : 39 bits physical, 48 bits virtual
power management:

processor : 4
vendor_id : GenuineIntel
cpu family : 6
model : 60
model name : Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
stepping : 3
microcode : 0x17
cpu MHz : 2494.312
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 1
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm ida arat epb pln pts dtherm fsgsbase bmi1 avx2 bmi2 erms xsaveopt
bugs :
bogomips : 4988.62
clflush size : 64
cache_alignment : 64
address sizes : 39 bits physical, 48 bits virtual
power management:

processor : 5
vendor_id : GenuineIntel
cpu family : 6
model : 60
model name : Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
stepping : 3
microcode : 0x17
cpu MHz : 2494.312
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 1
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm ida arat epb pln pts dtherm fsgsbase bmi1 avx2 bmi2 erms xsaveopt
bugs :
bogomips : 4988.62
clflush size : 64
cache_alignment : 64
address sizes : 39 bits physical, 48 bits virtual
power management:

processor : 6
vendor_id : GenuineIntel
cpu family : 6
model : 60
model name : Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
stepping : 3
microcode : 0x17
cpu MHz : 2494.312
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 1
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm ida arat epb pln pts dtherm fsgsbase bmi1 avx2 bmi2 erms xsaveopt
bugs :
bogomips : 4988.62
clflush size : 64
cache_alignment : 64
address sizes : 39 bits physical, 48 bits virtual
power management:

processor : 7
vendor_id : GenuineIntel
cpu family : 6
model : 60
model name : Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
stepping : 3
microcode : 0x17
cpu MHz : 2494.312
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 1
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm ida arat epb pln pts dtherm fsgsbase bmi1 avx2 bmi2 erms xsaveopt
bugs :
bogomips : 4988.62
clflush size : 64
cache_alignment : 64
address sizes : 39 bits physical, 48 bits virtual
power management:

KVM = Spoofed the CPU :white_check_mark:

Virtualbox = Failed to do that :heavy_multiplication_x:

Qubes = The most failure :x:

Thank you for testing this! So it seems VirtualBox --cpuidremoveall fails to result in the effect.


Therefore closed the ticket.
https://phabricator.whonix.org/T408#7461

Nothing can be done about this.

(Same as in previous VirtualBox versions.)
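
A way to make the before/after comparison from the test procedure repeatable, as an added example that is not part of the original thread: it parses two /proc/cpuinfo captures and reports which model-identifying fields changed. The function names and the choice of fields treated as identifying are assumptions; the sample captures are abridged from the outputs posted above.

```python
# Fields that describe the CPU model; cpu MHz and bogomips are readings that vary.
IDENTIFYING = ("vendor_id", "cpu family", "model", "model name",
               "stepping", "microcode", "cpuid level", "flags")

def parse_cpuinfo(text):
    """Return one dict per 'processor' stanza of /proc/cpuinfo output."""
    cpus = []
    for line in text.splitlines():
        key, sep, value = line.partition(":")   # tabs or spaces around ':' both work
        if not sep:
            continue                            # blank line between stanzas
        if key.strip() == "processor":
            cpus.append({})
        if cpus:
            cpus[-1][key.strip()] = value.strip()
    return cpus

def changed_fields(before, after):
    """Identifying fields of CPU 0 that differ between two captures."""
    b, a = parse_cpuinfo(before)[0], parse_cpuinfo(after)[0]
    diff = {}
    for k in IDENTIFYING:
        old, new = b.get(k, ""), a.get(k, "")
        if k == "flags":                        # order-insensitive comparison
            old, new = frozenset(old.split()), frozenset(new.split())
        if old != new:
            diff[k] = (old, new)
    return diff

def host_model_masked(before, after):
    return "model name" in changed_fields(before, after)

# Captures abridged from the outputs posted in this thread (flags shortened).
VBOX_BEFORE = """processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 37
model name : Intel(R) Core(TM) i5 CPU M 580 @ 2.67GHz
cpu MHz : 2659.899
cpuid level : 11
flags : fpu vme de pse tsc"""
VBOX_AFTER = VBOX_BEFORE.replace("2659.899", "2660.690")  # after --cpuidremoveall
KVM = """processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 6
model name : QEMU Virtual CPU version 2.1.2
cpuid level : 4
flags : fpu de pse tsc hypervisor"""
```

With these samples, `changed_fields(VBOX_BEFORE, VBOX_AFTER)` is empty, while the KVM capture differs in model, model name, cpuid level and flags but not in vendor_id or cpu family.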