From owner-freebsd-security@freebsd.org Sun May 26 14:24:59 2019 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9C6EA15A8553 for ; Sun, 26 May 2019 14:24:59 +0000 (UTC) (envelope-from lukasz@wasikowski.net) Received: from mail.freebsd.systems (mail.freebsd.systems [IPv6:2001:41d0:a:1dcd::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 003EF8946E for ; Sun, 26 May 2019 14:24:58 +0000 (UTC) (envelope-from lukasz@wasikowski.net) Received: from mail.freebsd.systems (mail.freebsd.systems [IPv6:2001:41d0:a:1dcd::1]) by mail.freebsd.systems (Postfix) with ESMTP id 29D86A68E for ; Sun, 26 May 2019 16:24:56 +0200 (CEST) X-Virus-Scanned: amavisd-new at freebsd.systems Received: from mail.freebsd.systems ([IPv6:2001:41d0:a:1dcd::1]) by mail.freebsd.systems (scan.freebsd.systems [IPv6:2001:41d0:a:1dcd::1]) (amavisd-new, port 10026) with ESMTP id NixtFV_qcocy for ; Sun, 26 May 2019 16:24:56 +0200 (CEST) Received: from [192.168.168.3] (89-70-50-99.dynamic.chello.pl [89.70.50.99]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.freebsd.systems (Postfix) with ESMTPSA id 9CC13A686 for ; Sun, 26 May 2019 16:24:55 +0200 (CEST) Authentication-Results: mail.freebsd.systems; dmarc=fail (p=none dis=none) header.from=wasikowski.net Authentication-Results: mail.freebsd.systems; spf=fail smtp.mailfrom=lukasz@wasikowski.net DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wasikowski.net; s=default; t=1558880695; bh=BD3dKeaIXoGb6H5YLKjxkqqn4hxSOb7ywFVMag2QQDw=; h=To:References:From:Date:In-Reply-To; b=ecdZGP7l9uGz6wWPZxTN5zMWbcF2ewB5TKnxI5XVRpvk48ZkerZl8kUdKwdlPIzfH vJjfUrqKSvHrn1ir8g2aVF8ZI03+eMRCniCPfVe/KyUyyujrACF6S9UG0fYcw562ah VSQqaWjFDqoth5iUSYG4qhm6TxMEIr96/csp+5EWUvDoRhAQTGejxlVPbF+NFuJTkX JTv5cth9XYwQf8iATiAdVIjlXo+dpg6cNkR0N7cpcKepaFB0+DqdwRmyvjelNF7B1Y gt02oiP+iRIkFkJjTfbNl2pWGcNneCNsov9A03CAvupBlG9NNZZqB3sPxboyiWEwWJ ZoLQ2ZqBkooqQ== Subject: Re: CVE-2017-5753 (Spectre Variant 1, bounds check bypass) To: freebsd-security@freebsd.org References: <95d36182-df26-be72-972e-2f468be4a939@gmail.com> From: =?UTF-8?Q?=c5=81ukasz_W=c4=85sikowski?= Openpgp: preference=signencrypt Message-ID: Date: Sun, 26 May 2019 16:24:56 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 MIME-Version: 1.0 In-Reply-To: <95d36182-df26-be72-972e-2f468be4a939@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Language: pl Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 May 2019 14:24:59 -0000 W dniu 2019-05-26 o 16:17, freneza pisze: > Are there any plans to mitigate Spectre Variant 1? > > I ran `spectre-meltdown-checker.sh` from > https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.sh > and it says there is not mitigation for BSD yet. And how about retpoline for Spectre Variant 2? AFAIR FreeBSD use IBRS which is much slower than retpoline. -- best regards, Lukasz Wasikowski