From nobody Mon Aug 21 08:06:23 2023 X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RTlRm1d28z4qQD0 for ; Mon, 21 Aug 2023 08:06:28 +0000 (UTC) (envelope-from chris@cretaforce.gr) Received: from relay3.cretaforce.gr (relay3.cretaforce.gr [195.201.253.216]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "*.cretaforce.gr", Issuer "RapidSSL TLS RSA CA G1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RTlRk5bmLz3clL for ; Mon, 21 Aug 2023 08:06:26 +0000 (UTC) (envelope-from chris@cretaforce.gr) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=cretaforce.gr header.s=cretaforce header.b=LSnQoz8e; spf=pass (mx1.freebsd.org: domain of chris@cretaforce.gr designates 195.201.253.216 as permitted sender) smtp.mailfrom=chris@cretaforce.gr; dmarc=pass (policy=none) header.from=cretaforce.gr Received: from server1.cretaforce.gr (server1.cretaforce.gr [94.130.217.104]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) client-signature RSA-PSS (2048 bits)) (Client CN "*.cretaforce.gr", Issuer "RapidSSL TLS RSA CA G1" (verified OK)) by smtp1.cretaforce.gr (Postfix) with ESMTPS id 3D3101FA00 for ; Mon, 21 Aug 2023 11:06:25 +0300 (EEST) Received: from smtpclient.apple (unknown [80.107.124.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: chris@cretaforce.gr) by server1.cretaforce.gr (Postfix) with ESMTPSA id D77DDD5E6; Mon, 21 Aug 2023 11:06:24 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cretaforce.gr; s=cretaforce; t=1692605185; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cNcos0u2vghYQpw1nAm8eRbR2psPqK3tSt6BfJ+YQoA=; b=LSnQoz8eqB7mhDW/dGGYW5PuN7NnE2SCh8tmBz0wzlX2oFRdqOQNP9d5WSDvAKTI4nnCYb HN0Zl2G3cper4tlMPqXSlVqseQhmsoXHzm1gMUbeJOnvMqokds9k2rUZwj6zdi8FVD3w20 3Wa2hlTIeNl8rL3R3lxzkjxuYGpd3zU= From: Christos Chatzaras Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable List-Id: Security issues List-Archive: https://lists.freebsd.org/archives/freebsd-security List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6\)) Subject: Intel/AMD Downfall/Inception Vulnerabilities Message-Id: Date: Mon, 21 Aug 2023 11:06:23 +0300 Cc: FreeBSD To: freebsd-security@freebsd.org X-Mailer: Apple Mail (2.3731.700.6) X-Spamd-Result: default: False [-4.60 / 15.00]; DWL_DNSWL_LOW(-1.00)[cretaforce.gr:dkim]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; MV_CASE(0.50)[]; DMARC_POLICY_ALLOW(-0.50)[cretaforce.gr,none]; R_DKIM_ALLOW(-0.20)[cretaforce.gr:s=cretaforce]; R_SPF_ALLOW(-0.20)[+ip4:195.201.253.216]; RCVD_IN_DNSWL_LOW(-0.10)[195.201.253.216:from]; MIME_GOOD(-0.10)[text/plain]; FROM_HAS_DN(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; MLMMJ_DEST(0.00)[freebsd-security@freebsd.org]; BLOCKLISTDE_FAIL(0.00)[94.130.217.104:server fail,80.107.124.177:server fail,195.201.253.216:server fail]; FREEFALL_USER(0.00)[chris]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; DKIM_TRACE(0.00)[cretaforce.gr:+]; TO_DN_SOME(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCPT_COUNT_TWO(0.00)[2]; MIME_TRACE(0.00)[0:+]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:24940, ipnet:195.201.0.0/16, country:DE]; RCVD_TLS_ALL(0.00)[] X-Spamd-Bar: ---- X-Rspamd-Queue-Id: 4RTlRk5bmLz3clL Hello, There are security vulnerabilities in Intel and AMD processors. More information can be found at = https://www.openssl.org/blog/blog/2023/08/15/downfall/ It appears that changes are required both in the operating system code = and microcode/bios updates. If I remember correctly, when Spectre and Meltdown vulnerabilities were = disclosed in early 2018, there was significant controversy surrounding = the notification process. Several entities, including certain Linux = distributions and the FreeBSD project, were not informed as early as = some major tech companies. I am aware that work is currently being done for upcoming FreeBSD 14 = release and there may not be available human resources, but is there = anyone working on this? Kind regards, Christos Chatzaras= From nobody Mon Aug 21 20:35:28 2023 X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RV44B6sv2z4rHTJ for ; Mon, 21 Aug 2023 20:35:38 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RV44B6LGYz4Zs0 for ; Mon, 21 Aug 2023 20:35:38 +0000 (UTC) (envelope-from matthew@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1692650138; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=SKmkNELEglaT9oiWoJmwD2YVv4lV6ujhtD5z2g0BifY=; b=XXip9WVuCQ8+3SSNfaDKHwIIL32grKBqGkcRw2Bl474g3ZkS+D6xFIFmLQovtjIiW46HS2 cUdsN5xnB/kE2mg8JFqBk7YoqwaQayRMv5FHquP4MM1ULwllL5k7fn+CZUJ8Yvdnwp8AdG 2MDN6G05UADgc5o+ALtrxmhyTIYATCCqSojxlXVqtjIc+OHjN0k7kcafBvxEkmiFp0V4o3 M2EsfAa8jCgSdqp0Kort2YbgjHi1Pscl7w42BNYe/B+esaeK3AbSa4y5LesrIl9/0v0BCt HAkp7OCX6HTyWHBO6HVTL52Bgzx/8vBdEmGQMAv6Nvs93iuOju/w2OtEKYywyw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1692650138; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=SKmkNELEglaT9oiWoJmwD2YVv4lV6ujhtD5z2g0BifY=; b=UnNUzdsLgtiiMP6keOj2y3okFD6aYI/bgfU+hzECqK+i/fOvGJs3bHp8kWGDUQQP9YsPJv HMjgZLqXCq4A5+lQ1x3wVsycx/w37KjY3m3VdanyURIlhcSBWZ+WqZJeyh6H68SEilA6w6 q6VB/Y7lHK+NKPbF5MDhMYOM5nwiIMeFnXcwma0/ZlzO6gAGytgkU7PRb+8onx26VuAV8c 9nK6IF2CxJdVCDsVXYnE4aFps8PKtROA75E0IHn/IOzO4HgzLoRW/HDeNNp4Am4eDKxd7u X77hMAwI+211GTu67pqd7+/Jjm5SooUD0laRX4UafbR9Ifw2WeB+n31SlvXaaA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1692650138; a=rsa-sha256; cv=none; b=QVVJh/SMqYf4CjMOlpKmVhofiQbFsji/V8YpSYzXTns5B3ouyC9FhHYBWBDpDGE7Ku3N7S i9fQ8Cb/zDef+36Q+Iw5Q5pf6oH0Tn9ybfaH0l5HPDf58p8V/8RFmO+/fez7f9Yz6/Wy87 XUpliA9j61S/qEvEHwqYRBPU7G6XFyZI/NpMjhT2c3JNxDm0ilA4aIZ1oVbG/jeCr/RlPn wjlnXFo+srha4AK2rThu0jOteP3Hhm20rGRMwH+NwewBwEoEZdxwgRh4dQz7RUN69JAMai QDZKXKyBqrLq+YHIHEDmKFSsIZXWBucamZNYKA27mpDATl/QvTGZdQtHX4RdBg== ARC-Authentication-Results: i=1; smtp.infracaninophile.co.uk; dmarc=none (p=none dis=none) header.from=FreeBSD.org Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [IPv6:2001:8b0:151:1:c4ea:bd49:619b:6cb3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: matthew/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4RV44B4NSfzlL4 for ; Mon, 21 Aug 2023 20:35:38 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from [IPV6:2001:8b0:151:1:b878:bb91:32e0:48ee] (unknown [IPv6:2001:8b0:151:1:b878:bb91:32e0:48ee]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id 2C0213046 for ; Mon, 21 Aug 2023 21:35:35 +0100 (BST) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none (p=none dis=none) header.from=FreeBSD.org Message-ID: <79e5b8ba-d013-4c87-b0d6-7ea471b2a7b6@FreeBSD.org> Date: Mon, 21 Aug 2023 21:35:28 +0100 List-Id: Security issues List-Archive: https://lists.freebsd.org/archives/freebsd-security List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird From: Matthew Seaman Subject: Re: Intel/AMD Downfall/Inception Vulnerabilities To: freebsd-security@freebsd.org References: Content-Language: en-GB In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------K2Yuv0aS1FEyH92D40SeQTmm" This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------K2Yuv0aS1FEyH92D40SeQTmm Content-Type: multipart/mixed; boundary="------------fxMH10XZinUSX5xQTXj7t0R9"; protected-headers="v1" From: Matthew Seaman To: freebsd-security@freebsd.org Message-ID: <79e5b8ba-d013-4c87-b0d6-7ea471b2a7b6@FreeBSD.org> Subject: Re: Intel/AMD Downfall/Inception Vulnerabilities References: In-Reply-To: --------------fxMH10XZinUSX5xQTXj7t0R9 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64 T24gMjEvMDgvMjAyMyAwOTowNiwgQ2hyaXN0b3MgQ2hhdHphcmFzIHdyb3RlOg0KPiBJIGFt IGF3YXJlIHRoYXQgd29yayBpcyBjdXJyZW50bHkgYmVpbmcgZG9uZSBmb3IgdXBjb21pbmcg RnJlZUJTRCAxNCANCj4gcmVsZWFzZSBhbmQgdGhlcmUgbWF5IG5vdCBiZSBhdmFpbGFibGUg aHVtYW4gcmVzb3VyY2VzLCBidXQgaXMgdGhlcmUgDQo+IGFueW9uZSB3b3JraW5nIG9uIHRo aXM/DQoNClRoZSBGcmVlQlNEIHByb2plY3QgZG9lc24ndCBoYXZlIHRoZSBjYXBhYmlsaXR5 IHRvIGZpeCB0aGlzIA0KaW5kZXBlbmRlbnRseSBvZiB0aGUgQ1BVIG1hbnVmYWN0dXJlci4g IEFueSBmaXggd2lsbCB0YWtlIHRoZSBmb3JtIG9mIA0KdXBkYXRlZCBtaWNyb2NvZGUgcGFj a2FnZXMgZnJvbSBJbnRlbCwgd2hpY2ggd2lsbCBuZWVkIHRvIGJlIA0KaW5jb3Jwb3JhdGVk IGludG8gZXhpc3RpbmcgcG9ydHMgZm9yIHVwZGF0aW5nIHN1Y2ggdGhpbmdzLiAgS2VlcCBh biBleWUgDQpvbiB0aGUgc3lzdXRpbHMvY3B1LW1pY3JvY29kZSogcG9ydHMgZm9yIHVwZGF0 ZXMgaW4gdGhlIG5lYXIgZnV0dXJlLg0KDQpZZXMsIEludGVsIGhhcyBwcm92aWRlZCBmaXhl cyBmb3IgdGhpcyBwYXJ0aWN1bGFyIHByb2JsZW0uICBNb3N0IG1ham9yIA0KY2xvdWQgcHJv dmlkZXJzIGhhdmUgYW5ub3VuY2VkIHRoZXkndmUgYWxyZWFkeSBhcHBsaWVkIGZpeGVzIChv ciBuZXZlciANCndlcmUgdnVsbmVyYWJsZSBpbiB0aGUgZmlyc3QgcGxhY2UuKQ0KDQpUaGlz IGlzIGp1c3QgdGhlIGxhdGVzdCByZXByZXNlbnRhdGl2ZSBvZiBhbiBlbWVyZ2luZyBjbGFz cyBvZiBzaWRlIA0KY2hhbm5lbCBhdHRhY2tzIG9uIHNoYXJlZCBzeXN0ZW1zIC0tIG5vdCBq dXN0IGFtZDY0OiBhcm02NCB3aWxsIG5vIGRvdWJ0IA0KaGF2ZSBhcy15ZXQtdW5kaXNjb3Zl cmVkIGJ1dCBzaW1pbGFyIHByb2JsZW1zLg0KDQpJIHRoaW5rIHRoZSB0YWtlLWhvbWUgc3Rv cnkgaXMgImRvbid0IHVzZSBpbXBvcnRhbnQgc2VjcmV0cyBvciANCmNvbmZpdGVudGlhbCBk YXRhIG9uIHBoeXNpY2FsIGhhcmR3YXJlIHRoYXQgaXMgc2hhcmVkIHdpdGggdW50cnVzdGVk IHVzZXJzLiINCg0KCUNoZWVycywNCg0KCU1hdHRoZXcNCg== --------------fxMH10XZinUSX5xQTXj7t0R9-- --------------K2Yuv0aS1FEyH92D40SeQTmm Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature.asc" -----BEGIN PGP SIGNATURE----- wsF5BAABCAAjFiEEGfFU7L8RLlBUTj8wAFE/EOCp5OcFAmTjypEFAwAAAAAACgkQAFE/EOCp5OfD AxAAr2FAJp+KksaH0lWSpcOki/hVTy7TlKIw6kElfhUE4S+Y1ecB8TVFuosC3JXyfGWn3VD/X+g5 A2leDwZow8WEN9ZjbyTrUy1CtX3GdtGlxoPGpwfPCe9LBdSesHlh3/Xvc6sMMs53gq8yln/M11CQ N8ENih25aWtdwk1FK6JBpdw1FzH/PTC4Q1rCkClt5td+eTzovekDBo3zgzOFiGjszgO0sZpO+sD6 VvGI1+xdog0L0Zu4nXM/sX06O+FitzTv8Cw/RcSbFAqek9D/w1SXPZi2vK5sOSUHzwLoOtQIqvtu U3xrUQKBLJbt1Kys7hIiYXXL/Y6sD1JknxAopxVgT3+t8nntKFMN5q53C+yMb+tJgmjubVGsz7rZ wpwHdS+E+Hp6n6n/gu+R0suiY1/aACGaTqzxr8v3xWfO0Mybtfw3Xlc4i6fe3g64nFbSBafak7NG NbYPwroTNCca0iS3XZmi/LLkK/Uwd76J/1M6oYEVI9zmWQIQMpPnARymnjmlMw7mpD9onKwweGKF hf/XkleVrr/ws1FmsVy1wvUUOt9QBnQ5mDGY390Z2SsJjfT6Pp89eOWqEcudHvV29bUrf8a7doV/ ZgUmxpfl0xTI47v00pfr+JA7J0nD5w4+Oie5kHKxmOPXjWtxjOdxoU8y7WkgcwnU/b61nKq3Noiy 5hw= =7fav -----END PGP SIGNATURE----- --------------K2Yuv0aS1FEyH92D40SeQTmm-- From nobody Wed Aug 23 07:01:01 2023 X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RVxvP2DGFz4rCVj; Wed, 23 Aug 2023 07:01:05 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-vs1-xe35.google.com (mail-vs1-xe35.google.com [IPv6:2607:f8b0:4864:20::e35]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RVxvM5YZ0z4T7w; Wed, 23 Aug 2023 07:01:03 +0000 (UTC) (envelope-from grarpamp@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20221208 header.b="r3yW5xB/"; spf=pass (mx1.freebsd.org: domain of grarpamp@gmail.com designates 2607:f8b0:4864:20::e35 as permitted sender) smtp.mailfrom=grarpamp@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-vs1-xe35.google.com with SMTP id ada2fe7eead31-44768034962so1433032137.3; Wed, 23 Aug 2023 00:01:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1692774062; x=1693378862; h=cc:to:subject:message-id:date:from:references:in-reply-to :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=jbbumfMBS6kgzZySLkqvt+t5wpDn5ebO+ds+o1D2tOw=; b=r3yW5xB/WuYwmX0VRi0/S3hUHFJXST20hYGkVuB0k+WyLvVP5I3W8X+qNI7kwA/rFH BQg5ZpdLNfXS75YjxoiRaAkYjZ24qwJQUHMueWVpi7iet6v4arU5bXc11fpF3ugka7rm /1TInP3xoY/s2sz2qrIbkcMGyOZUZpLJFiQ98QttwXZ5cmorCYqLbfS4DK2R5pL4bv6r p8bE/N0StuUf0TbPRAVGkVSG8/wzwc69zbWT7zbMnYqt9378NL2hA5r7hiB0vgrTPkzI nwCDzWmbC42P+RKs36J+UvD5GbBR2y/fwAkZYOizG4l9erujP7Dv4o7CIMYdLGGPzJbA QsSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1692774062; x=1693378862; h=cc:to:subject:message-id:date:from:references:in-reply-to :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=jbbumfMBS6kgzZySLkqvt+t5wpDn5ebO+ds+o1D2tOw=; b=CjgoKXgZYb5JqrbRUj5TT6l5eTx8qsixQhV/T+hKVjGw/XS7A0BG/SOZh28dtgWE0/ Wh9Ns6o2Daqn9f6r5wa07v1tZNu93ou8lytNq9Dz3obZpLPA5G4d8TgdN01vxHDCdLas T4EyrwAC4v05FnIHnirFjl17N5uRNbt4/gs7FbVpFknmNjBcspiL2hMTBjAdR9Z9h+sm jI3oHFGnQbrtWj4CPeirgghK+43MCNP4SIei4vq0rz4BUP430tbNMmqvFOeeaUs6O4+O QgDHzsK7P5sWB+opDhewvz8EgjOamDpFQ34WgFSJurXWZG0kyLJ8DnUvM3ga+krA5dN1 TobA== X-Gm-Message-State: AOJu0YzrVck+mOnCNkdkr+PEk5Thk0E2FJXraJ7VoQFILT4c58f/9h32 vYrF47cOmKXNPk/u+U/RJ4WqbZsJiHGfsCZtqZJ7vVkaoRA= X-Google-Smtp-Source: AGHT+IGVKx2OsrW+xipgtwwLv7uzPo49xY+xsWOasPVpaoegZm/NYYSDUcQIc+rzd1RViKzW2in3PBP9j1mIzb/jepA= X-Received: by 2002:a67:fd0f:0:b0:44a:c20a:ebb1 with SMTP id f15-20020a67fd0f000000b0044ac20aebb1mr6841243vsr.13.1692774062286; Wed, 23 Aug 2023 00:01:02 -0700 (PDT) List-Id: Security issues List-Archive: https://lists.freebsd.org/archives/freebsd-security List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org MIME-Version: 1.0 Received: by 2002:a59:9fc1:0:b0:3ed:209f:4d2d with HTTP; Wed, 23 Aug 2023 00:01:01 -0700 (PDT) In-Reply-To: References: From: grarpamp Date: Wed, 23 Aug 2023 03:01:01 -0400 Message-ID: Subject: Re: Is ZFS native encryption safe to use? To: freebsd-questions@freebsd.org Cc: freebsd-security@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Spamd-Result: default: False [-2.81 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; SUBJECT_ENDS_QUESTION(1.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.81)[-0.810]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20221208]; MIME_GOOD(-0.10)[text/plain]; ARC_NA(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; FROM_HAS_DN(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::e35:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; FREEMAIL_ENVFROM(0.00)[gmail.com]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org,freebsd-security@freebsd.org]; REDIRECTOR_URL(0.00)[twitter.com]; MID_RHS_MATCH_FROMTLD(0.00)[]; TO_DN_NONE(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; DKIM_TRACE(0.00)[gmail.com:+]; FROM_EQ_ENVFROM(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; RCVD_TLS_LAST(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-Spamd-Bar: -- X-Rspamd-Queue-Id: 4RVxvM5YZ0z4T7w On 8/22/23, iio7@tutanota.com wrote: > There seems to be a bit of open (and rather old) ZFS native encryption > bugs which still haven't been fixed and it doesn't look like it is > something that is being working on. > > Last night I was going to move some important files from an unencrypted > dataset to a new encrypted (ZFS native) one, but then got my doubts > about doing that (looking at all the different open GitHub issues on > OpenZFS). > > There exist some rumors about the original company which did the ZFS > native encryption work (the person doing the work left the company), > and they haven't done more since. > > What is the general experience running with ZFS native encryption on > FreeBSD? Is it better to use GELI for the whole pool instead? Neither GELI, nor the rest of the crypto subsystem, nor the kernel, nor userland... has ever undergone anything close to a real security audit, let alone an independent one, let alone been formally verified. And agents, moles, malactors, bugs, and worse are running rampant across the entire computing spectrum... from fab, to shipping, to OS and crypto development, to magic packets, to telecom, to phones, to firmware, software, apps, and updates, BGP, your ISP, frontdoor, backdoor, back orifice, and more. Your use of any crypto, on any operating system, on any hardware platform, on any network, is entirely at your own risk. Still lots of fun yet to be had... #OpenFabs , #OpenHW , #OpenAudit , #FormalVerification , #CryptoCrowdFunding , #OpenTrust , #GuerrillaNets , #P2PFiber , #GNURadioRF , #PrivacyCoins , #DropGangs , ... -- https://www.youtube.com/watch?v=xWAwK2fHArc https://www.youtube.com/watch?v=_U3lEc-IFr8 https://duckduckgo.com/?ia=videos&iax=videos&q=voluntaryism https://odysee.com/@Anarchast:2 https://bitchute.com/ || https://rumble.com/ https://twitter.com/NameRedacted247 https://libertarianinstitute.org/books/voluntaryist-handbook/ From nobody Wed Aug 23 07:38:32 2023 X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RVyks3TVKz4rFWf for ; Wed, 23 Aug 2023 07:38:45 +0000 (UTC) (envelope-from bilbo@hobbiton.org) Received: from mail-ed1-x52c.google.com (mail-ed1-x52c.google.com [IPv6:2a00:1450:4864:20::52c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RVyks13KKz4bFf for ; Wed, 23 Aug 2023 07:38:44 +0000 (UTC) (envelope-from bilbo@hobbiton.org) Authentication-Results: mx1.freebsd.org; none Received: by mail-ed1-x52c.google.com with SMTP id 4fb4d7f45d1cf-52a1132b685so3340965a12.1 for ; Wed, 23 Aug 2023 00:38:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ofwilsoncreek-com.20221208.gappssmtp.com; s=20221208; t=1692776323; x=1693381123; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=du0bltYC0MR0ad+1sZjYNLkKRzqAcTJVRJVzUEoyn9U=; b=W9AmHf78v2Z9AuC054ViMNRPzoTHV6MOheFJHBEV6Jkn92ZVjXRo/9cH5AYB2pHdG8 Tuzum16+Fq8o0ZT38Gk9J9fHlnqgdIRAzO36iWRo7wsBjYCKnX4VNAPDmPVqoNYplA6N qYdw5vWswX/US4bJkzkkWuWXaxDK2tEsPLcOjPkn1LhctUVbhJoWzYci2vhBT2hS4jrF 3yuTFddFaXGaGtpRBNofugvfVVNkaR2vN0udTrHc9btfJGWXHgn3oZ3QRpRItdakvJbV rhWLevqsjk+MkvdZ3Lwc+SHRueYYlNOzibHVvHJnqrRjWnWYKhPSlJW4jh4nlGGpySDw Hf7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1692776323; x=1693381123; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=du0bltYC0MR0ad+1sZjYNLkKRzqAcTJVRJVzUEoyn9U=; b=TB7IN1EMV8LJTvdaH+GjSb5GytAM7tDyNQ1U6ShAEE0QZKDRXNgMKw5WjlbFVy1ibJ lJ8RVOL87ZF0bnqfzef1SE0VLG+TVuqB1nf4nDkLSBRqLPEuV+HE78PlDToJp+uVcpk8 70dzY6dN5yB8dKGR0yKFwH/rG167Qlib+XRql9ToOpYISD80WmWBNJIfjF+ruEYWU37B 6bg3vEp+2+lh/Zl3gkaqdTIyBbmB84P1lry6d7hUEmzQx6n5Wv/ZBZ40pJEhZHFbA/Du cEKS3hJ9Xc0Efl9FnVzTzTrA290MoQ9qB7441QDnRn9LA3P+yYzCGveD4zA7cRIkcNsM gv/A== X-Gm-Message-State: AOJu0Yzpd6gASN1mixkHCXGu1cDZoX3/jORCe4KqtVLbh6ltPhdEe7tZ qmcsfYyFhe/DJACNYGa9LHS7d63bhlqTB/pBYxrKNfMnbwkgMs/6 X-Google-Smtp-Source: AGHT+IEVfhe7GJr6imcnhsfOIVmjWcdQFcSBHGGrfzml+p1um9YWi5Ui6L9r0R1YrJIIGMerHWtzCSdGPu9XxJntURs= X-Received: by 2002:aa7:d34f:0:b0:525:4f15:d26e with SMTP id m15-20020aa7d34f000000b005254f15d26emr8049469edr.32.1692776323347; Wed, 23 Aug 2023 00:38:43 -0700 (PDT) List-Id: Security issues List-Archive: https://lists.freebsd.org/archives/freebsd-security List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org MIME-Version: 1.0 References: In-Reply-To: From: Leif Pedersen Date: Wed, 23 Aug 2023 02:38:32 -0500 Message-ID: Subject: Re: Is ZFS native encryption safe to use? To: grarpamp Cc: freebsd-questions@freebsd.org, freebsd-security@freebsd.org Content-Type: multipart/alternative; boundary="000000000000700b2806039233f5" X-Rspamd-Queue-Id: 4RVyks13KKz4bFf X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] --000000000000700b2806039233f5 Content-Type: text/plain; charset="UTF-8" On Wed, Aug 23, 2023, 02:02 grarpamp wrote: > On 8/22/23, iio7@tutanota.com wrote: > > There seems to be a bit of open (and rather old) ZFS native encryption > > bugs which still haven't been fixed and it doesn't look like it is > > something that is being working on. > > > > Last night I was going to move some important files from an unencrypted > > dataset to a new encrypted (ZFS native) one, but then got my doubts > > about doing that (looking at all the different open GitHub issues on > > OpenZFS). > > > > There exist some rumors about the original company which did the ZFS > > native encryption work (the person doing the work left the company), > > and they haven't done more since. > > > > What is the general experience running with ZFS native encryption on > > FreeBSD? Is it better to use GELI for the whole pool instead? > > Neither GELI, nor the rest of the crypto subsystem, > nor the kernel, nor userland... has ever undergone > anything close to a real security audit, let alone an > independent one, let alone been formally verified. > > And agents, moles, malactors, bugs, and worse are running > rampant across the entire computing spectrum... from fab, > to shipping, to OS and crypto development, to magic packets, > to telecom, to phones, to firmware, software, apps, and updates, > BGP, your ISP, frontdoor, backdoor, back orifice, and more. > > Your use of any crypto, on any operating system, on any > hardware platform, on any network, is entirely at your own risk. > > Still lots of fun yet to be had... > > #OpenFabs , #OpenHW , #OpenAudit , #FormalVerification , > #CryptoCrowdFunding , #OpenTrust , #GuerrillaNets , > #P2PFiber , #GNURadioRF , #PrivacyCoins , #DropGangs , ... > Maybe it would work to use both. Encrypt the underlying devices with geli, plus encrypt the zfs dataset. I haven't tried this but it logically should be easy to layer them. You would be protected against a bug affecting either one this way, but of course the risk of both being compromised is still nonzero. For the best protection, perhaps different ciphers could be used. I'm not sure what options there are but I'm curious if someone in this wheelhouse could fill in my gaps. - Leif --000000000000700b2806039233f5 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Wed, Aug 23, 2023, 02:02 grarpamp <grarpamp@gmail.com> wrote:
On 8/22/23, iio7@tutanota.com <iio7@tutanota.com&g= t; wrote:
> There seems to be a bit of open (and rather old) ZFS native encryption=
> bugs which still haven't been fixed and it doesn't look like i= t is
> something that is being working on.
>
> Last night I was going to move some important files from an unencrypte= d
> dataset to a new encrypted (ZFS native) one, but then got my doubts > about doing that (looking at all the different open GitHub issues on > OpenZFS).
>
> There exist some rumors about the original company which did the ZFS >=C2=A0 native encryption work (the person doing the work left the compa= ny),
>=C2=A0 and they haven't done more since.
>
> What is the general experience running with ZFS native encryption on > FreeBSD? Is it better to use GELI for the whole pool instead?

Neither GELI, nor the rest of the crypto subsystem,
nor the kernel, nor userland... has ever undergone
anything close to a real security audit, let alone an
independent one, let alone been formally verified.

And agents, moles, malactors, bugs, and worse are running
rampant across the entire computing spectrum... from fab,
to shipping, to OS and crypto development, to magic packets,
to telecom, to phones, to firmware, software, apps, and updates,
BGP, your ISP, frontdoor, backdoor, back orifice, and more.

Your use of any crypto, on any operating system, on any
hardware platform, on any network, is entirely at your own risk.

Still lots of fun yet to be had...

#OpenFabs , #OpenHW , #OpenAudit , #FormalVerification ,
#CryptoCrowdFunding , #OpenTrust , #GuerrillaNets ,
#P2PFiber , #GNURadioRF , #PrivacyCoins , #DropGangs , ...
=

Maybe it would wo= rk to use both. Encrypt the underlying devices with geli, plus encrypt the = zfs dataset. I haven't tried this but it logically should be easy to la= yer them.

You would be p= rotected against a bug affecting either one this way, but of course the ris= k of both being compromised is still nonzero. For the best protection, perh= aps different ciphers could be used. I'm not sure what options there ar= e but I'm curious if someone in this wheelhouse could fill in my gaps.<= /div>

- Leif

--000000000000700b2806039233f5--