Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 02 Jan 2018 16:56:16 -0800
From:      Cy Schubert <Cy.Schubert@komquats.com>
To:        freebsd-current@freebsd.org, Zaphod Beeblebrox <zbeeble@gmail.com>, Michael Butler <imb@protected-networks.net>
Cc:        FreeBSD Current <freebsd-current@freebsd.org>
Subject:   RE: Intel CPU design flaw - FreeBSD affected?
Message-ID:  <3720C563-77D8-4B9C-BFA7-082B91575506@cschubert.com>
In-Reply-To: <20180103002445.2F9292E8@spqr.komquats.com>
References:  <20180103002445.2F9292E8@spqr.komquats.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On January 2, 2018 4:24:55 PM PST, Cy Schubert <Cy=2ESchubert@komquats=2Eco=
m> wrote:
>https://mobile=2Etwitter=2Ecom/grsecurity/status/948170302286172160?p=3Dv
>
>---
>Sent using a tiny phone keyboard=2E
>Apologies for any typos and autocorrect=2E
>Also, this old phone only supports top post=2E Apologies=2E
>
>Cy Schubert
><Cy=2ESchubert@cschubert=2Ecom> or <cy@freebsd=2Eorg>
>The need of the many outweighs the greed of the few=2E
>---
>
>-----Original Message-----
>From: Zaphod Beeblebrox
>Sent: 02/01/2018 15:50
>To: Michael Butler
>Cc: FreeBSD Current
>Subject: Re: Intel CPU design flaw - FreeBSD affected?
>
>>From the information that was leaked by AMD claiming that their
>processors
>didn't have the flaws, it would seem any OS in which the kernel
>occupies
>the same address space as the userland would be vulnerable=2E  The AMD
>post
>implied that Intel's speculative execution of code did not check the
>validity of the operands before speculatively executing the code=2E  I
>suppose the implication is that the security check "catches up" with
>the
>speculative execution at some point =2E=2E=2E and that their (AMD's)
>microcode
>did check=2E
>
>Anyways=2E=2E=2E for those keeping score at home, this is a privilege
>escalation
>bug=2E=2E=2E so it's only really useful in concert with other bugs =2E=2E=
=2E but
>still
>pretty huge=2E
>
>Some estimate that between 5% and 30% performance degradation may be
>unavoidable=2E  Some say it's worse or can't be fully fixed=2E
>
>Certainly, the sunk cost of current CPUs is a huge issue for server
>farm
>vendors like Amazon and/or google=2E
>
>On Tue, Jan 2, 2018 at 6:13 PM, Michael Butler
><imb@protected-networks=2Enet>
>wrote:
>
>> Has any impact assessment been made as to FreeBSD's exposure or
>> mitigation strategies?
>>
>> 'Kernel memory leaking' Intel processor design flaw forces Linux,
>> Windows redesign - The Register
>>
>> https://www=2Etheregister=2Eco=2Euk/2018/01/02/intel_cpu_design_flaw/
>>
>>
>_______________________________________________
>freebsd-current@freebsd=2Eorg mailing list
>https://lists=2Efreebsd=2Eorg/mailman/listinfo/freebsd-current
>To unsubscribe, send any mail to
>"freebsd-current-unsubscribe@freebsd=2Eorg"
>
>_______________________________________________
>freebsd-current@freebsd=2Eorg mailing list
>https://lists=2Efreebsd=2Eorg/mailman/listinfo/freebsd-current
>To unsubscribe, send any mail to
>"freebsd-current-unsubscribe@freebsd=2Eorg"

No need for invpcid, https://patchwork=2Ekernel=2Eorg/patch/10081791/=2E
---
Cy Schubert
<Cy=2ESchubert@cschubeet=2Ecom> or <cy@freebsd=2Eorg>
-- small keyboard in use, apologies for typos and autocorrect --



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3720C563-77D8-4B9C-BFA7-082B91575506>