Date: Tue, 02 Jan 2018 16:56:16 -0800 From: Cy Schubert <Cy.Schubert@komquats.com> To: freebsd-current@freebsd.org, Zaphod Beeblebrox <zbeeble@gmail.com>, Michael Butler <imb@protected-networks.net> Cc: FreeBSD Current <freebsd-current@freebsd.org> Subject: RE: Intel CPU design flaw - FreeBSD affected? Message-ID: <3720C563-77D8-4B9C-BFA7-082B91575506@cschubert.com> In-Reply-To: <20180103002445.2F9292E8@spqr.komquats.com> References: <20180103002445.2F9292E8@spqr.komquats.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On January 2, 2018 4:24:55 PM PST, Cy Schubert <Cy=2ESchubert@komquats=2Eco= m> wrote: >https://mobile=2Etwitter=2Ecom/grsecurity/status/948170302286172160?p=3Dv > >--- >Sent using a tiny phone keyboard=2E >Apologies for any typos and autocorrect=2E >Also, this old phone only supports top post=2E Apologies=2E > >Cy Schubert ><Cy=2ESchubert@cschubert=2Ecom> or <cy@freebsd=2Eorg> >The need of the many outweighs the greed of the few=2E >--- > >-----Original Message----- >From: Zaphod Beeblebrox >Sent: 02/01/2018 15:50 >To: Michael Butler >Cc: FreeBSD Current >Subject: Re: Intel CPU design flaw - FreeBSD affected? > >>From the information that was leaked by AMD claiming that their >processors >didn't have the flaws, it would seem any OS in which the kernel >occupies >the same address space as the userland would be vulnerable=2E The AMD >post >implied that Intel's speculative execution of code did not check the >validity of the operands before speculatively executing the code=2E I >suppose the implication is that the security check "catches up" with >the >speculative execution at some point =2E=2E=2E and that their (AMD's) >microcode >did check=2E > >Anyways=2E=2E=2E for those keeping score at home, this is a privilege >escalation >bug=2E=2E=2E so it's only really useful in concert with other bugs =2E=2E= =2E but >still >pretty huge=2E > >Some estimate that between 5% and 30% performance degradation may be >unavoidable=2E Some say it's worse or can't be fully fixed=2E > >Certainly, the sunk cost of current CPUs is a huge issue for server >farm >vendors like Amazon and/or google=2E > >On Tue, Jan 2, 2018 at 6:13 PM, Michael Butler ><imb@protected-networks=2Enet> >wrote: > >> Has any impact assessment been made as to FreeBSD's exposure or >> mitigation strategies? >> >> 'Kernel memory leaking' Intel processor design flaw forces Linux, >> Windows redesign - The Register >> >> https://www=2Etheregister=2Eco=2Euk/2018/01/02/intel_cpu_design_flaw/ >> >> >_______________________________________________ >freebsd-current@freebsd=2Eorg mailing list >https://lists=2Efreebsd=2Eorg/mailman/listinfo/freebsd-current >To unsubscribe, send any mail to >"freebsd-current-unsubscribe@freebsd=2Eorg" > >_______________________________________________ >freebsd-current@freebsd=2Eorg mailing list >https://lists=2Efreebsd=2Eorg/mailman/listinfo/freebsd-current >To unsubscribe, send any mail to >"freebsd-current-unsubscribe@freebsd=2Eorg" No need for invpcid, https://patchwork=2Ekernel=2Eorg/patch/10081791/=2E --- Cy Schubert <Cy=2ESchubert@cschubeet=2Ecom> or <cy@freebsd=2Eorg> -- small keyboard in use, apologies for typos and autocorrect --
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3720C563-77D8-4B9C-BFA7-082B91575506>