Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 2 Jan 2018 18:49:57 -0500
From:      Zaphod Beeblebrox <zbeeble@gmail.com>
To:        Michael Butler <imb@protected-networks.net>
Cc:        FreeBSD Current <freebsd-current@freebsd.org>
Subject:   Re: Intel CPU design flaw - FreeBSD affected?
Message-ID:  <CACpH0MfexmgvOkNpwbrkUJ15XPxTGpNE9ODNUi058ByVTpuzpw@mail.gmail.com>
In-Reply-To: <9dda0496-be16-35c6-6c45-63d03b218ccb@protected-networks.net>
References:  <9dda0496-be16-35c6-6c45-63d03b218ccb@protected-networks.net>

next in thread | previous in thread | raw e-mail | index | archive | help
>From the information that was leaked by AMD claiming that their processors
didn't have the flaws, it would seem any OS in which the kernel occupies
the same address space as the userland would be vulnerable.  The AMD post
implied that Intel's speculative execution of code did not check the
validity of the operands before speculatively executing the code.  I
suppose the implication is that the security check "catches up" with the
speculative execution at some point ... and that their (AMD's) microcode
did check.

Anyways... for those keeping score at home, this is a privilege escalation
bug... so it's only really useful in concert with other bugs ... but still
pretty huge.

Some estimate that between 5% and 30% performance degradation may be
unavoidable.  Some say it's worse or can't be fully fixed.

Certainly, the sunk cost of current CPUs is a huge issue for server farm
vendors like Amazon and/or google.

On Tue, Jan 2, 2018 at 6:13 PM, Michael Butler <imb@protected-networks.net>
wrote:

> Has any impact assessment been made as to FreeBSD's exposure or
> mitigation strategies?
>
> 'Kernel memory leaking' Intel processor design flaw forces Linux,
> Windows redesign - The Register
>
> https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
>
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACpH0MfexmgvOkNpwbrkUJ15XPxTGpNE9ODNUi058ByVTpuzpw>