From owner-freebsd-security@freebsd.org Tue Jan 16 05:20:25 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D5E75E76DC6 for ; Tue, 16 Jan 2018 05:20:25 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: from mail-ua0-x236.google.com (mail-ua0-x236.google.com [IPv6:2607:f8b0:400c:c08::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9104F21A1 for ; Tue, 16 Jan 2018 05:20:25 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: by mail-ua0-x236.google.com with SMTP id z47so10010650uac.0 for ; Mon, 15 Jan 2018 21:20:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tetlows.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=yHsZde9DYavHf/jLpvwvNrurxIZ6Uv8WyX+dpWQwbpo=; b=CVKdbS6UoFSRdBq1xNrCUvXwSCj1xcrbCuazkKcy2f4NUjviYdjRS8nlCNkquRg0d/ hzcyep+KEc2rRVS7lA/2bDWksU4yXw5We9TxexUrXyNY4ld1DgXRgZUh1IhiJYtF0bOL JCQ88p7XqVEYJkCd8xbJ8ndYcg4PoO50lhpgM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=yHsZde9DYavHf/jLpvwvNrurxIZ6Uv8WyX+dpWQwbpo=; b=gvA2pZSY0TKDf9/3tj3n//YxMerwNPFpij1ltZoCV08ecbv3fopMc61sCpHpetxxS4 UAHpOUk3gd/MmGzq7cwYZoaX2jAasznXhBCzVCnmr9rbXzHLO+k4QcQKlXI4OHcBLoT2 nmVWXjFsFcRrt1uwMYNx8Igs3jBdnSb2zw84dN7Uvvo5Ctjyo6kbE2ItE4knY1NAq2Hb qa1nfUXLCSTgFax5H3l73JCrjfM4eUt1XxR23f4jr9MnBnETEVoq3pLmtnPlyX+M4uia /pjjLFbQsjDtYNb5hUqmVjnO1fKF+S9aqpZBNqaB1hLxkDpfH2wXdSLDigbqUTk6uQx6 rWxg== X-Gm-Message-State: AKwxytdXRdvzA9S+vuTJOf/EnHvrqdr2sq3A8+dIfRiDUJZkmOPYYLAe shAZuIAa7YvpDlVLqLZZWaNAu/gOJj7HeNPg+Qjjtu4= X-Google-Smtp-Source: ACJfBot31cGBHPFWMd7oCK+k75xpRXw2em+u43Af0MJDZrteVQSKIePWelmCvO60yOHdXqMyRK74kcJ5oDW1MAI7EQ8= X-Received: by 10.176.77.230 with SMTP id b38mr27851742uah.113.1516080024593; Mon, 15 Jan 2018 21:20:24 -0800 (PST) MIME-Version: 1.0 Received: by 10.176.81.102 with HTTP; Mon, 15 Jan 2018 21:20:24 -0800 (PST) In-Reply-To: <20180113161026.GR1684@kib.kiev.ua> References: <20180108175751.GH9701@gmail.com> <20180113161026.GR1684@kib.kiev.ua> From: Gordon Tetlow Date: Mon, 15 Jan 2018 21:20:24 -0800 Message-ID: Subject: Re: Response to Meltdown and Spectre To: Konstantin Belousov Cc: freebsd-security Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jan 2018 05:20:25 -0000 On Sat, Jan 13, 2018 at 8:10 AM, Konstantin Belousov wrote: > On Mon, Jan 08, 2018 at 09:57:51AM -0800, Gordon Tetlow wrote: >> Meltdown (CVE-2017-5754) >> ~~~~~~~~~~~~~~~~~~~~~~~~ >> Initial work can be tracked at https://reviews.freebsd.org/D13797. >> Please note this is a work in progress and some stuff is likely to be >> broken. > I consider this patch as ready for review now. Awesome! So, what's next? Do we have some testers we can solicit to beat on this? I believe des@ had a test case to try out? Based on where we are, what needs to be done to get this into the tree? Secondarily, what's needed to get this in shape for 10.3/10.4/11.1? Gordon From owner-freebsd-security@freebsd.org Tue Jan 16 09:57:40 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A5AEBEB8D6E for ; Tue, 16 Jan 2018 09:57:40 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 231AB710EA for ; Tue, 16 Jan 2018 09:57:39 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.15.2/8.15.2) with ESMTPS id w0G9vUDQ095248 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 16 Jan 2018 11:57:33 +0200 (EET) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua w0G9vUDQ095248 Received: (from kostik@localhost) by tom.home (8.15.2/8.15.2/Submit) id w0G9vUSi095247; Tue, 16 Jan 2018 11:57:30 +0200 (EET) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Tue, 16 Jan 2018 11:57:30 +0200 From: Konstantin Belousov To: Gordon Tetlow Cc: freebsd-security Subject: Re: Response to Meltdown and Spectre Message-ID: <20180116095730.GP1684@kib.kiev.ua> References: <20180108175751.GH9701@gmail.com> <20180113161026.GR1684@kib.kiev.ua> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.2 (2017-12-15) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on tom.home X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jan 2018 09:57:40 -0000 On Mon, Jan 15, 2018 at 09:20:24PM -0800, Gordon Tetlow wrote: > On Sat, Jan 13, 2018 at 8:10 AM, Konstantin Belousov > wrote: > > On Mon, Jan 08, 2018 at 09:57:51AM -0800, Gordon Tetlow wrote: > >> Meltdown (CVE-2017-5754) > >> ~~~~~~~~~~~~~~~~~~~~~~~~ > >> Initial work can be tracked at https://reviews.freebsd.org/D13797. > >> Please note this is a work in progress and some stuff is likely to be > >> broken. > > I consider this patch as ready for review now. > > Awesome! So, what's next? Do we have some testers we can solicit to > beat on this? I believe des@ had a test case to try out? Based on > where we are, what needs to be done to get this into the tree? > Secondarily, what's needed to get this in shape for 10.3/10.4/11.1? As expected, nothing happens WRT review. Peter tested the patch, it seems to be fine. I put shims to allow i386 to compile. My idea is to flip the default to non-PTI and commit the patch as is today. From owner-freebsd-security@freebsd.org Tue Jan 16 15:31:45 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AAADBE75FB8 for ; Tue, 16 Jan 2018 15:31:45 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: from mail-vk0-x22a.google.com (mail-vk0-x22a.google.com [IPv6:2607:f8b0:400c:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 680EA7E9DE for ; Tue, 16 Jan 2018 15:31:45 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: by mail-vk0-x22a.google.com with SMTP id w201so3490117vkw.0 for ; Tue, 16 Jan 2018 07:31:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tetlows.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=lBYidnftZskZsOPC8anJsL044njEVyu2q658sTgc0ZQ=; b=gYD2pEBF9oFIuHdLDdkqk+EUo9Kwr0YRxxaxMlZZdVAE7hrHMZl1q0unGf4nTs0+ku shnh6xdJO4NtFUVQuIMPmxk6UrgI42BB/IdMwRJ8nVJZaiM0rUj0z2W/JikkdPyEDfej yB6xolsFS5ZiTkaaVecrNFOL/TOKx/3KCja+s= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=lBYidnftZskZsOPC8anJsL044njEVyu2q658sTgc0ZQ=; b=FAqQPm2XMEKgTQVkNNzMW0Mc/pGlOk5txckOxzcfp0+KYhhF2m/sX8YCES6eh7JE00 N0xLCwuRXq7TpUOsCtYL76nUEiK4TnGwxKQnoKoLVZTE/zvh1mC4vf38WXDRPah+PStW cIqDtdajong67k5kE8M3iL8u0Tw12NKn6ZlMVnedX/ebkkEnqxrhoxC0xGerXN9VGqKg cjgNdrM1Y93hyH4C2OtMNhQTGH7b31T6JClmoS3G1ce5vWcDbbwarC1ERtScENHx+/Dl qrYM5YJhFSgOihsSP1pICBG837qp/+Y88uszWG7a3a31vn1BKjvbjs/54gf9rvDCCgp4 2PCA== X-Gm-Message-State: AKwxytcvtFqNE9Njus2hyPgb6yazqQSA47xRBDEG+iOs7oezIl8ByT0J 8hHAFFxBd8ok2NWqAMAfuo8KXAraWGhy5JTJo1/Z X-Google-Smtp-Source: ACJfBov0NzKsEFSC2SOH0OxQFnClhwJ67ic7otZgub8rKdj57kyoACLs+jrRLdnFr+rZ3rpWtlrEyhlJwxQFAvlXD4Y= X-Received: by 10.31.220.193 with SMTP id t184mr14501719vkg.103.1516116704321; Tue, 16 Jan 2018 07:31:44 -0800 (PST) MIME-Version: 1.0 Received: by 10.176.81.102 with HTTP; Tue, 16 Jan 2018 07:31:43 -0800 (PST) In-Reply-To: <20180116095730.GP1684@kib.kiev.ua> References: <20180108175751.GH9701@gmail.com> <20180113161026.GR1684@kib.kiev.ua> <20180116095730.GP1684@kib.kiev.ua> From: Gordon Tetlow Date: Tue, 16 Jan 2018 07:31:43 -0800 Message-ID: Subject: Re: Response to Meltdown and Spectre To: Konstantin Belousov Cc: freebsd-security Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jan 2018 15:31:45 -0000 On Tue, Jan 16, 2018 at 1:57 AM, Konstantin Belousov wrote: > On Mon, Jan 15, 2018 at 09:20:24PM -0800, Gordon Tetlow wrote: >> On Sat, Jan 13, 2018 at 8:10 AM, Konstantin Belousov >> wrote: >> > On Mon, Jan 08, 2018 at 09:57:51AM -0800, Gordon Tetlow wrote: >> >> Meltdown (CVE-2017-5754) >> >> ~~~~~~~~~~~~~~~~~~~~~~~~ >> >> Initial work can be tracked at https://reviews.freebsd.org/D13797. >> >> Please note this is a work in progress and some stuff is likely to be >> >> broken. >> > I consider this patch as ready for review now. >> >> Awesome! So, what's next? Do we have some testers we can solicit to >> beat on this? I believe des@ had a test case to try out? Based on >> where we are, what needs to be done to get this into the tree? >> Secondarily, what's needed to get this in shape for 10.3/10.4/11.1? > > As expected, nothing happens WRT review. Who is a good person to review this? alc? (I can't think of any other VM people out there). > Peter tested the patch, it seems to be fine. I put shims to allow i386 > to compile. My idea is to flip the default to non-PTI and commit the > patch as is today. Is there a reason to leave the PTI off in CURRENT? I'd rather turn it on and break some stuff to get the testing coverage than to leave it off. Gordon From owner-freebsd-security@freebsd.org Tue Jan 16 15:54:24 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3CFBFE7760E for ; Tue, 16 Jan 2018 15:54:24 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7A28F7FFD1 for ; Tue, 16 Jan 2018 15:54:23 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.15.2/8.15.2) with ESMTPS id w0GFsA2a075929 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 16 Jan 2018 17:54:13 +0200 (EET) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua w0GFsA2a075929 Received: (from kostik@localhost) by tom.home (8.15.2/8.15.2/Submit) id w0GFsA0o075928; Tue, 16 Jan 2018 17:54:10 +0200 (EET) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Tue, 16 Jan 2018 17:54:10 +0200 From: Konstantin Belousov To: Gordon Tetlow Cc: freebsd-security Subject: Re: Response to Meltdown and Spectre Message-ID: <20180116155410.GC55707@kib.kiev.ua> References: <20180108175751.GH9701@gmail.com> <20180113161026.GR1684@kib.kiev.ua> <20180116095730.GP1684@kib.kiev.ua> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.2 (2017-12-15) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on tom.home X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jan 2018 15:54:24 -0000 On Tue, Jan 16, 2018 at 07:31:43AM -0800, Gordon Tetlow wrote: > On Tue, Jan 16, 2018 at 1:57 AM, Konstantin Belousov > wrote: > > On Mon, Jan 15, 2018 at 09:20:24PM -0800, Gordon Tetlow wrote: > >> On Sat, Jan 13, 2018 at 8:10 AM, Konstantin Belousov > >> wrote: > >> > On Mon, Jan 08, 2018 at 09:57:51AM -0800, Gordon Tetlow wrote: > >> >> Meltdown (CVE-2017-5754) > >> >> ~~~~~~~~~~~~~~~~~~~~~~~~ > >> >> Initial work can be tracked at https://reviews.freebsd.org/D13797. > >> >> Please note this is a work in progress and some stuff is likely to be > >> >> broken. > >> > I consider this patch as ready for review now. > >> > >> Awesome! So, what's next? Do we have some testers we can solicit to > >> beat on this? I believe des@ had a test case to try out? Based on > >> where we are, what needs to be done to get this into the tree? > >> Secondarily, what's needed to get this in shape for 10.3/10.4/11.1? > > > > As expected, nothing happens WRT review. > > Who is a good person to review this? alc? (I can't think of any other > VM people out there). amd64 pmap is only smaller part of the patch, the trampoline code is IMO both more risky and more complicated. > > > Peter tested the patch, it seems to be fine. I put shims to allow i386 > > to compile. My idea is to flip the default to non-PTI and commit the > > patch as is today. > > Is there a reason to leave the PTI off in CURRENT? I'd rather turn it > on and break some stuff to get the testing coverage than to leave it > off. Because there is a lot of whine about performance, including uncertainity about several CPU families, because we still do not have have a test tool, and because there are some bits broken more than in non-pti kernel. From owner-freebsd-security@freebsd.org Tue Jan 16 17:19:53 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 719E7E7BEF2 for ; Tue, 16 Jan 2018 17:19:53 +0000 (UTC) (envelope-from cy.schubert@komquats.com) Received: from smtp-out-so.shaw.ca (smtp-out-so.shaw.ca [64.59.136.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 3FDC38399B for ; Tue, 16 Jan 2018 17:19:52 +0000 (UTC) (envelope-from cy.schubert@komquats.com) Received: from spqr.komquats.com ([96.50.22.10]) by shaw.ca with ESMTPA id bUtkeCYeFS7BpbUtme8YbP; Tue, 16 Jan 2018 10:19:46 -0700 X-Authority-Analysis: v=2.2 cv=NKylwwyg c=1 sm=1 tr=0 a=jvE2nwUzI0ECrNeyr98KWA==:117 a=jvE2nwUzI0ECrNeyr98KWA==:17 a=RgaUWeydRksA:10 a=PjuYqXk4AAAA:8 a=YxBL1-UpAAAA:8 a=6I5d2MoRAAAA:8 a=vJce8p9ejQWfq4NfUNsA:9 a=lrjkCZcvI0hc4X9k:21 a=WkpC1dCZMyy1C9iA:21 a=pILNOxqGKmIA:10 a=M6LpCEiEi-QA:10 a=H3UEXQhoATeSqmIpcaMA:9 a=caek9dnBwOzLWiHm:21 a=_W_S_7VecoQA:10 a=Ia-lj3WSrqcvXOmTRaiG:22 a=IjZwj45LgO3ly-622nXo:22 Received: from [10.168.3.140] (S0106d4ca6d8943b0.gv.shawcable.net [70.66.132.207]) by spqr.komquats.com (Postfix) with ESMTPSA id 0BD75181E; Tue, 16 Jan 2018 09:17:44 -0800 (PST) MIME-Version: 1.0 From: Cy Schubert Subject: VMware pulling Intel specter patches Date: Tue, 16 Jan 2018 09:18:47 -0800 To: "freebsd-security@freebsd.org" Message-Id: <20180116171745.0BD75181E@spqr.komquats.com> X-CMAE-Envelope: MS4wfGY7lBXFbPI6RcSPK35Cf+dtcs0twPBVwogEXy6D3nR49rf9F2aqN0LyaYI60ZVggYULf1RJZRQmW/CucpCPjKGO2KEpby0e3DO4wHUFxDAYFFYK8lww t0t9+8XEUrdZKchK7GgyW3My7xa2e44f5RsHNpUtJBTEDlIL2ZkJMeRcqg2VObfJHd1vF1hvwy8YNw== X-Mailman-Approved-At: Tue, 16 Jan 2018 17:23:42 +0000 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jan 2018 17:19:53 -0000 Might we be jumping the gun with updated firmware in devcpu-data? https://www.reddit.com/r/sysadmin/comments/7qjnfx/vmware_pulled_spectre_pat= ches_on_friday/ --- Sent using a tiny phone keyboard. Apologies for any typos and autocorrect. Also, this old phone only supports top post. Apologies. Cy Schubert or The need of the many outweighs the greed of the few. ---= From owner-freebsd-security@freebsd.org Tue Jan 16 17:50:11 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2F8D6E7DB2F for ; Tue, 16 Jan 2018 17:50:11 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-wr0-x22d.google.com (mail-wr0-x22d.google.com [IPv6:2a00:1450:400c:c0c::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B3C0512D6 for ; Tue, 16 Jan 2018 17:50:10 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: by mail-wr0-x22d.google.com with SMTP id g38so12928706wrd.2 for ; Tue, 16 Jan 2018 09:50:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=yvccgUAtjr5Q2LTA8vrD0ACBYfQWH6wyB64Ah/QEDYE=; b=NWTyT4/b1GwSGOVk/1C+pO4nLu/Bv7Pb1lb75tEG4p3t6T8k1YCk35/eqB0nUoYtvJ WKcrw+kC/Bf12LYghqNgYEp2PchYQJwdpMQ+2GI0h7ahiYkw/wqG1tQbYTMQl5eh545o Ayn6/MEsXLUAdIVqUZflfLaCuGKNgYvMMuP8JgFa+MX/zcLD2GlUuxGqrHRRaLT6/9Tu vEzN4GiER4K2eeuiwtXlgzqBChFCEI5ARzhwkFkDOtEeneG7Z7hOImTg3xXcfnoWRMfz QCrY7k39Y1dY4F71eO//SVjoz7cp/8R07URyMx39b/YxsRduKqrDa1MEPOMfJ6D1oqAP gyig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=yvccgUAtjr5Q2LTA8vrD0ACBYfQWH6wyB64Ah/QEDYE=; b=jO9MuRgWqbpgvB5cYhuM5m7Zomus44v3HOZO66lbFX1yG9kza5J+fQ3Fxm2IhEbJz/ Ll303IWML4PRm3UJpqIEtY0rwOHv+12lxxCu7zfo69iiGkEsQ0sN0IHlRCTOaZnz3igs gdY+MZafNjs/4Gy3QPr/fNnDbMOyj4s53GBrHz0h+in1GxAL1Xe6rUZjVoIf3xu7E/CI 83DdPoUt1oCch/mWznpvUssdl1MWxLSZ4NcjlLVzMOhlYu9O2+Uy2GnNRWybWN1q7Hew KWrhh0C6A9ZTddyH+Lu3XMVee30QMRTq5+/kZlMoR9eiIVObAUUHniUeRggmTrPt/YjW 2owg== X-Gm-Message-State: AKwxytckDrE/lbpxl5ILgtaU/N4mMEt3bZFvHpH7JSvCzXIIC9DUK4QY F3n6NIWpRlCL+q9YSpdf3/czfr5TaWM= X-Google-Smtp-Source: ACJfBouyeAel7dRU9cPKzyb1fAAJlwLerSGLhlbJzkL3kKcQPzu0VI43VkJAppCL79IerSeUmKJWZg== X-Received: by 10.223.176.79 with SMTP id g15mr28871wra.34.1516125009059; Tue, 16 Jan 2018 09:50:09 -0800 (PST) Received: from mutt-hbsd ([216.218.222.12]) by smtp.gmail.com with ESMTPSA id k35sm2794432wrc.2.2018.01.16.09.50.05 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 16 Jan 2018 09:50:08 -0800 (PST) Date: Tue, 16 Jan 2018 12:49:52 -0500 From: Shawn Webb To: Cy Schubert Cc: "freebsd-security@freebsd.org" Subject: Re: VMware pulling Intel specter patches Message-ID: <20180116174952.n7asjhyw66fnkicu@mutt-hbsd> References: <20180116171745.0BD75181E@spqr.komquats.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="uslwilkkwq3qkf6z" Content-Disposition: inline In-Reply-To: <20180116171745.0BD75181E@spqr.komquats.com> X-Operating-System: FreeBSD mutt-hbsd 12.0-CURRENT FreeBSD 12.0-CURRENT X-PGP-Key: http://pgp.mit.edu/pks/lookup?op=vindex&search=0x6A84658F52456EEE User-Agent: NeoMutt/20171208 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jan 2018 17:50:11 -0000 --uslwilkkwq3qkf6z Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jan 16, 2018 at 09:18:47AM -0800, Cy Schubert wrote: > Might we be jumping the gun with updated firmware in devcpu-data? >=20 > https://www.reddit.com/r/sysadmin/comments/7qjnfx/vmware_pulled_spectre_p= atches_on_friday/ =46rom what I understand, the new Intel microcode only makes sense if retpoline is used. On Skylake and above, retpoline by itself isn't 100% effective against Spectre. On those systems, retpoline requires the new Intel microcode update along with enabling the new IBRS feature that comes with it. Simply updating the microcode on Intel systems doesn't really do much on its own. Granted, I could have misread and be completely wrong. Please let me know if I am. Thanks, --=20 Shawn Webb Cofounder and Security Engineer HardenedBSD Tor-ified Signal: +1 443-546-8752 GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --uslwilkkwq3qkf6z Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEKrq2ve9q9Ia+iT2eaoRlj1JFbu4FAlpeOzwACgkQaoRlj1JF bu78pQ/+JIEQeIEFms2BQZTlt0AeU3noBicJGnIrHB34RxtOXac2A50d1JVcEMKl MiFVqpMlQwF3PCgHqSlg9CHKax9c4MRKV36oyVhhSS5qA/f4JOTZ8G7zSDh1/8aN TTs+dMfK7MFw9oQ1mAacC3/tpMuD+6rDnMlYhaP2mxHxzhIuaCU3zspzpfTIvrJ1 fV67YaSAcE3XCOIlXuQAqVIRZbJ1/zMOvr+AYn07ssvYEoEWjeqDHJORFiIrlkyA NiTSE808tSQctcSgPa57zHR4M+Yb/85naUvG/c27axXOgMBn4An1XL3stXU6Eh7o 41XYPIIoSx83N5+2t48cVAD1u/EKOJP3BCdCaaZaXj6bAHx6s11yBxnBb6M5e4mG pbyfoHZ6o+UJzO3g3fUYzjbnwRkQgJNybK0L7QxmN3f3KXn8d9TdC1mMVOjJMo7n 4NKElZR6nBTmITY7F1YpA6q5tXMsaYDOVNS3b3Dvm05huimo6pOswa9lULjaL69Q 9hSo5GmxPKBVCrJ5Ij4+kHr0rvlkV8BtNU2WO0mbaWtXNLBx43g2zn7FKnkq3TiL S3E76xps6FhUmjfN9N0B5MJnn8ecOj24qzQcwhEbMi9m8CpjbtVWvrcmkM/nRv2y qGcO+/P6L2oxBLmOt7igNkUJxA1PTfFZazcFZL5y9J/dK5gYvhQ= =3ChP -----END PGP SIGNATURE----- --uslwilkkwq3qkf6z-- From owner-freebsd-security@freebsd.org Wed Jan 17 14:21:00 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DE7B8E73167 for ; Wed, 17 Jan 2018 14:21:00 +0000 (UTC) (envelope-from brahma.gdb@gmail.com) Received: from mail-io0-x231.google.com (mail-io0-x231.google.com [IPv6:2607:f8b0:4001:c06::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A0A51714CC for ; Wed, 17 Jan 2018 14:21:00 +0000 (UTC) (envelope-from brahma.gdb@gmail.com) Received: by mail-io0-x231.google.com with SMTP id 25so21005915ioj.9 for ; Wed, 17 Jan 2018 06:21:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=bMjl26Vtb9+0idX714Jm7NY+W2ML04WB/R2XL5a+uyg=; b=uZeW0Mak0tQH9nHnge8SRk3Yg6OC7Ixv1XpECwhyTvE0fJQudaJ3FCkv/8Jfc4noeH swfx1rAnMkJvC3Uf2KoHdaNuHsW1z2nmDbFG3DNmUiQaIXV8dm+RpBO50/VSE7OR6QiA SLC7w7UgIIyLFg8pN1ptacTUKCMsatRmW4y1VdEEA3ggT0btv8IaOZsp4hJNKtkC4AO6 Bvc/59KzGx/YWbuC6d+rHnZ8KrwYZbkMnklZ+gU1KOA01R0NDwHZAFmYbHRMxc/Kh4Mi Y5PzhZY+9gBVTP8z9rk4/SDHTabURx44Qsy3Znan8k5HW/UOivdril1ILDFpzvIGiu+q ct5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=bMjl26Vtb9+0idX714Jm7NY+W2ML04WB/R2XL5a+uyg=; b=qbeKjJ3hQoh/BRpHXnDKwHdq0z5tHmeXw3Vd4QmzZ4yiFGpro+MZKvshXVWGpt1gxz nDzwPe3ht9IG13VNjqkP1eMyk1QDAPrhI4+//mipB0cf6GhBDv/Dx8M7/ZzaxRIB1ipj cx1Qbi56+UehOEg8bb+hm2Dy3jucm0R7Cnxi96ruj9EqdEz1uPS+FcE/f1fYvSw3oFQN fAM5WHvSbncK61rNkEzfE7CeLO4g+/yRr/ba25yWEqyqtjA2NxksSOd6iZPsjnkf58mc 4rz2yKxexMmA+GwONDH74BIzvGO3OqFm9j5b4BTl6rb/aU7gRwK6z0vpfHbzcfuTDZ/Z j2gw== X-Gm-Message-State: AKwxytcsWJa+Gt5J/SFv6pbe/IO0zkGZhx92L11xHTZ1djADHeGUHuuY 0pFX6Ap6QcUOId5c4HJnGdSRYEHgFnuQybjuJVh/Gw== X-Google-Smtp-Source: ACJfBovUFIGPJYQBOvgQoaoeLEEt5jEfSR5PMwGw03dRAmZyTNbkXtHpWTcLie4Jf1I8ieD5fGlS1/QsfC6x2RTOjGA= X-Received: by 10.107.82.15 with SMTP id g15mr11135708iob.157.1516198859935; Wed, 17 Jan 2018 06:20:59 -0800 (PST) MIME-Version: 1.0 Received: by 10.79.46.85 with HTTP; Wed, 17 Jan 2018 06:20:59 -0800 (PST) In-Reply-To: <20180112074115.GB75633@server.rulingia.com> References: <44k1wnes1w.fsf@be-well.ilk.org> <20180112061425.GA75633@server.rulingia.com> <20180112074115.GB75633@server.rulingia.com> From: Brahmanand Reddy Date: Wed, 17 Jan 2018 19:50:59 +0530 Message-ID: Subject: Re: Need FreeBSD-SA-00:52(TCP uses weak initial sequence numbers) latest patch To: Peter Jeremy Cc: freebsd-security@freebsd.org X-Mailman-Approved-At: Wed, 17 Jan 2018 16:16:55 +0000 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Jan 2018 14:21:01 -0000 Hi Peter, My last question on this , recently "Replaced the kernel RC4(arc4random) with Chacha20" on 11.0 kernel should we apply on 10.4 kernel ?? please find the corresponding review and fix https://reviews.freebsd.org/D10048 and https://reviews.freebsd.org/rS317015 Thanks in advance, Brahma On Fri, Jan 12, 2018 at 1:11 PM, Peter Jeremy wrote: > On 2018-Jan-12 12:33:21 +0530, Brahmanand Reddy > wrote: > >TCP uses weak initial sequence numbers > >https://www.freebsd.org/security/advisories/FreeBSD- > SA-00%3A52.tcp-iss.asc > > As has been pointed out to you several times in this thread, that SA is > nearly 20 years old and there is no evidence that TCP on any recent FreeBSD > uses weak ISNs. > > >actually "arc4random()" will take care on https://github.com/freebsd/ > >freebsd/blob/master/sys/netinet/tcp_subr.c#L2374 > > Without studying the code in detail, that code appears to correctly use > arc4random() to initialise the ISN - which is as expected. > > > I suspecting 10.4 already having fix... but i didn't found on exactly > >which this problem from https://www.freebsd.org/security/patches/ > > Well, the original patch is > https://www.freebsd.org/security/patches/SA-00%3A52/ and was committed > as what is now https://svnweb.freebsd.org/base?view=revision&revision= > 66433 > Since that patch is integrated into the FreeBSD codebase, there's no need > to update the contents of https://www.freebsd.org/ > security/patches/SA-00%3A52/ > and it is not relevant to the current codebase. > > > i would like expecting where is the fix in 10,4 kernel. > > That code was re-written in r82122, retaining the use of arc4random() for > ISN initialisation. As a result, it's no longer possible to point at > specific code and say "that code fixes weak TCP ISNs". > > -- > Peter Jeremy > From owner-freebsd-security@freebsd.org Wed Jan 17 17:24:52 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2F3ADE7C3DC for ; Wed, 17 Jan 2018 17:24:52 +0000 (UTC) (envelope-from toasty@dragondata.com) Received: from mail-io0-x22a.google.com (mail-io0-x22a.google.com [IPv6:2607:f8b0:4001:c06::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id F069F78EEC for ; Wed, 17 Jan 2018 17:24:51 +0000 (UTC) (envelope-from toasty@dragondata.com) Received: by mail-io0-x22a.google.com with SMTP id 25so21680231ioj.9 for ; Wed, 17 Jan 2018 09:24:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dragondata.com; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=pbbKIHH1WFALFy3cEiEzfjtr1/8pYEz+s3nU1MJXTvs=; b=PVX3cEQXckBwZ4EIrrfrm9IQu9cX6YyF6/h0KtDy5UKIrQ3t5znuPSSi55zPZOb10G bxc6BVxfgcZCU9y3KBe2ast5co9tY7RC2OV/fnDm4dzFN0DA4YU1MeynrEbP4Kip+Rcp AFj0GF2wA5QsMBewjeiX5pOnjCD6dLWZtxgJk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=pbbKIHH1WFALFy3cEiEzfjtr1/8pYEz+s3nU1MJXTvs=; b=b+5PZb1HbIggoTDj1+cxgAvbRU0B0jLRiUj61UYl5v+E0BpHsa3hRmlbr5l7HOHXFZ bAobaQtc7A5qLnLigRM8MjroYc4mITBYTPLjJXiT4z7Gv5K8HzkWQ8Owb7nQSjBucSTk YXoodQDIWvmJDPCGWtlYB3+5FiMe6+pgfpw6W6l8IuEE5Y1pyearyBCVxT+xY+H3+yB7 tLJCPUD9XGKDhomJuWkRi2o4ZqaGLI79OZSlzAkKnAkpKUkrgRCutjM5qHiqi/RjZAxH Yg/lRex/sbU2pKBnIin2YRs/Xo5ndBgXZY9psNYxm7ZpA+x3DNjoy4OSSPAc6L9e5gy7 MOFQ== X-Gm-Message-State: AKwxytedMHjN//HXgd5EAOby06i7DE4ZB+aLQXQryKiFQNQAgBt9Ubiv 1rHx0kHLiV2kCmM/6c6m6eHz9RMNJyo= X-Google-Smtp-Source: ACJfBovE0vIf8ey1/rBPZrcYkB1848vgIGZnIJnnrgy1oc4kRXpZX6sjG8iTEyEnv1P+gWxFptqRig== X-Received: by 10.107.136.68 with SMTP id k65mr20964636iod.145.1516209891145; Wed, 17 Jan 2018 09:24:51 -0800 (PST) Received: from unassigned.v6.your.org ([2001:4978:1:45:7d12:36f7:8059:da7b]) by smtp.gmail.com with ESMTPSA id k75sm2711480iod.27.2018.01.17.09.24.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Jan 2018 09:24:50 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\)) Subject: Re: Need FreeBSD-SA-00:52(TCP uses weak initial sequence numbers) latest patch From: Kevin Day In-Reply-To: Date: Wed, 17 Jan 2018 11:24:48 -0600 Cc: FreeBSD-security@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: <7E7F9FCF-BA42-4B3C-871E-2DDC1229D14D@dragondata.com> References: <20180111171545.GC68137@fc.opsec.eu> To: Brahmanand Reddy X-Mailer: Apple Mail (2.3445.5.20) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Jan 2018 17:24:52 -0000 I think the confusion here is that your test program below has a bug - = your RST packet is invalid so it's not closing the socket on the other = side. If you look at how a normal RST is generated normally: 17:13:42.626365 IP src.26057 > dst.22: Flags [S], seq 472216885, win = 65535, length 0 17:13:42.626504 IP dst.22 > src.26057: Flags [S.], seq 3592434473, ack = 472216886, win 65535, length 0 17:13:42.626512 IP src.26057 > dst.22: Flags [R], seq 472216886, win 0, = length 0 Notice that the third packet (the RST packet) uses the sequence number = that the SYN had plus 1. Your program is using the SYNACK packet's = sequence number in the RST, which would look like this instead: 17:13:42.626365 IP src.26057 > dst.22: Flags [S], seq 472216885, win = 65535, length 0 17:13:42.626504 IP dst.22 > src.26057: Flags [S.], seq 3592434473, ack = 472216886, win 65535, length 0 17:13:42.626512 IP src.26057 > dst.22: Flags [R], seq 3592434473, win 0, = length 0 The dst system is treating this as an invalid RST packet because the = sequence number is incorrect and completely ignoring it, leaving the = socket still half open. When you send the SYN2 packet with the same = source and destination port, and the dst system still has the socket = open, it's going to repeat the same SYNACK back to you. If you change your program to send a RST with a sequence of the initial = SYN plus 1, you'll actually reset the connection and see the behavior = you're looking for. You're seeing the same ISN because your RST isn't = closing the connection on the other side, so the dst system is still = trying to open the original socket. > On Jan 11, 2018, at 7:20 PM, Brahmanand Reddy = wrote: >=20 > Hi Kurt, >=20 > Thanks lot responding my mail, >=20 > Please explain why you think this should be an issue for FreeBSD 10.2 = ? >=20 > Currently i am using 10.2 and 10.4, i found this = problem/vulnerability > still exist using below script >=20 > #!/usr/local/bin/python > from scapy.all import * >=20 > # VARIABLES > src =3D str(input('IP SRC: ')) > dst =3D str(input('IP DST: ')) >=20 > sport =3D random.randint(1024,65535) > dport =3D int(input("DST PORT: ")) >=20 >=20 > # SYN > ip=3DIP(src=3Dsrc,dst=3Ddst) > = SYN=3DTCP(sport=3Dsport,dport=3Ddport,flags=3D'S',seq=3Drandom.randint(102= 4,1048576), > ack=3D0) > SYNACK=3Dsr1(ip/SYN) > print('Seq1 Number is :',SYNACK[TCP].seq) =3D=3D> Seq1 >=20 > # RST > RST=3DTCP(sport=3Dsport, dport=3Ddport, flags=3D'R', seq=3DSYNACK.ack, = ack=3D0) > send(ip/RST) >=20 > #SYN > = SYN2=3DTCP(sport=3Dsport,dport=3Ddport,flags=3D'S',seq=3Drandom.randint(10= 24,1048576), > ack=3D0) > SYNACK2=3Dsr1(ip/SYN2) > print('Seq2 Number is :',SYNACK2[TCP].seq) = =3D=3D> > same ISN number i observed/receiving. >=20 > I mean seq1=3Dseq2, TCP ISN reusing. >=20 > i think the patch is available on 10.4 on wards, but i dint found > exactly/similar patch from https://www.freebsd.org/security/patches/ >=20 > It could be great to confirm what is the corresponding latest patch = this > problem would be solved. Kindly correct me anything i am missing. >=20 >=20 > Sincerely, > Brahma >=20 >=20 >=20 >=20 > On Thu, Jan 11, 2018 at 10:45 PM, Kurt Jaeger wrote: >=20 >> Hi! >>=20 >>> Please share the corresponding FreeBSD-SA-00:52(*TCP uses weak = initial >>> sequence numbers*) latest patch. >>>=20 >>> the original problem reported on : >>> https://www.freebsd.org/security/advisories/FreeBSD- >> SA-00%3A52.tcp-iss.asc >>=20 >> That's a security annoucement for FreeBSD 3.x to 5.x. >>=20 >> Please explain why you think this should be an issue for FreeBSD 10.2 = ? >>=20 >> And, by the way: FreeBSD 10.2 is a old, no-longer supported version. >>=20 >> https://www.freebsd.org/releases/ >>=20 >> lists which versions are still supported. >>=20 >> -- >> pi@FreeBSD.org +49 171 3101372 2 years to go ! >>=20 > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to = "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@freebsd.org Thu Jan 18 08:42:43 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 79B39EBD917 for ; Thu, 18 Jan 2018 08:42:43 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 3F4EE808BF for ; Thu, 18 Jan 2018 08:42:42 +0000 (UTC) (envelope-from des@des.no) Received: from desk.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id 859B510E07; Thu, 18 Jan 2018 08:42:40 +0000 (UTC) Received: by desk.des.no (Postfix, from userid 1001) id 5C04060669; Thu, 18 Jan 2018 08:42:40 +0000 (UTC) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Brahmanand Reddy Cc: Peter Jeremy , freebsd-security@freebsd.org Subject: Re: Need FreeBSD-SA-00:52(TCP uses weak initial sequence numbers) latest patch References: <44k1wnes1w.fsf@be-well.ilk.org> <20180112061425.GA75633@server.rulingia.com> <20180112074115.GB75633@server.rulingia.com> Date: Thu, 18 Jan 2018 09:42:40 +0100 In-Reply-To: (Brahmanand Reddy's message of "Wed, 17 Jan 2018 19:50:59 +0530") Message-ID: <86lggvd0cf.fsf@desk.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jan 2018 08:42:43 -0000 Brahmanand Reddy writes: > My last question on this , recently "Replaced the kernel RC4(arc4random) > with Chacha20" on 11.0 kernel should we apply on 10.4 kernel ?? This has not yet been merged to 11 and will not be merged to 10, which is now in maintenance mode. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no