From: Fernando Apesteguía
Date: Mon, 8 Jan 2018 18:43:05 +0100
Subject: Re: Meltdown – Spectre
To: Baho Utot
Cc: Aryeh Friedman, User Questions

On Mon, Jan 8, 2018 at 6:36 PM, Baho Utot wrote:
>
> On 1/8/2018 12:15 PM, Fernando Apesteguía wrote:
>>
>> On Mon, Jan 8, 2018 at 1:53 PM, Baho Utot wrote:
>> >
>> > On 1/8/2018 7:37 AM, Aryeh Friedman wrote:
>> >>
>> >> On Mon, Jan 8, 2018 at 7:28 AM, Baho Utot wrote:
>> >>
>> >>     On 1/8/2018 4:15 AM, Aryeh Friedman wrote:
>> >>
>> >>         On Mon, Jan 8, 2018 at 3:57 AM, Matthias Apitz wrote:
>> >>
>> >>             As a side note, and not related to FreeBSD: My Internet
>> >>             server is run by some webhosting company (www.1blu.de),
>> >>             they use Ubuntu servers and since yesterday they have
>> >>             shut down SSH access to the servers, arguing that
>> >>             they want to protect my (all's) servers against attacks
>> >>             of Meltdown and Spectre.
>> >>
>> >>             Imagine, next time we have to shut down all IOT gadgets...
>> >>
>> >>         Not always possible for things like medical test
>> >>         equipment/devices. For example I maintain a specialized EMR
>> >>         for interacting with Dr. prescribed remote cardiac monitors.
>> >>         Having those off line is not an option since they are used
>> >>         to detect if the patient needs something more serious like a
>> >>         pacemaker (also almost always an IoT device these days)
>> >>         surgery.
>> >>
>> >>         The actual monitoring is done on Windows and was attacked by
>> >>         some ransomware via a bitcoin miner that somehow installed
>> >>         itself. Since all the users claim that they don't read
>> >>         email/upload/download executables or any other of the known
>> >>         attack vectors this leaves something like Meltdown or
>> >>         Spectre. We have also detected issues on the CentOS that has
>> >>         the non-medical corporate site on it. The only machine left
>> >>         untouched on the physical server (running some bare metal
>> >>         virtualization tool) is the FreeBSD machine that runs the
>> >>         actual EMR we wrote.
>> >>
>> >>         TL;DR -- It seems Linux and Windows already have issues with
>> >>         these holes but I have seen little to no evidence that
>> >>         FreeBSD (when run as a host). In general whenever any
>> >>         virtualization issue (like the bleed through on Qemu last
>> >>         year) comes up FreeBSD is the one OS that seems to be immune
>> >>         (thanks to good design of the OS and bhyve). This is the
>> >>         main reason why I chose FreeBSD over Linux as the reference
>> >>         host for PetiteCloud.
>> >>
>> >>     This is not operating system specific, read the papers on these
>> >>     two. It attacks the CPU, usually through a JIT
>> >>
>> >> Please learn a little OS design theory before making insane claims.
>> >> Specifically it *ONLY* affects OS's that rely on the specific CPU
>> >> architecture (vs. a generic one). Namely if you strictly partition the
>> >> page table between userland and kernel space (which xxxBSD has always
>> >> done and Linux has not) and don't use any CPU specific instructions to
>> >> do so (except for protected vs. unprotected mode in the original 386
>> >> design FreeBSD does not do this while yet again microslut and linux do).
>> >>
>> >> For more info go read the more technical thread than here in -hackers@
>> >> and -current@.
>> >
>> > Go read the papers Spectre and Meltdown.
>> > This attacks Intel and Arm processors, AMD processors seem to not have
>> > the issue. Intel is issuing new firmware for their processors.
>> > Why does Apple then have the problem as well?
>>
>> About AMD, they seem to be affected by at least two variants of these
>> attacks:
>>
>> https://www.amd.com/en/corporate/speculative-execution
>>
>
> Variant One     Bounds Check Bypass       Resolved by software / OS
>                                           updates to be made available by
>                                           system vendors and
>                                           manufacturers. Negligible
>                                           performance impact expected.
>
> Variant Two     Branch Target Injection   Differences in AMD
>                                           architecture mean there
>                                           is a near zero risk of
>                                           exploitation of this
>                                           variant. Vulnerability
>                                           to Variant 2 has not
>                                           been demonstrated on AMD
>                                           processors to date.
>
> Variant Three   Rogue Data Cache Load     Zero AMD vulnerability due to
>                                           AMD architecture differences.
>
> For Variant 1 OS fix
>
> For Variant 2 and 3 ZERO to near ZERO risk
>
> So yes my statement stands

Sorry, I might have misunderstood. The statement was "AMD processors
seem to not have the issue". But they acknowledge the issue. In
variant 1 it exists and it is fixed by OS (so if it is fixed, it means
it affects AMD's processors), in variant 2 it exists (nearly zero is not
zero), and in variant 3, yes, it is not affected. So it is kind of a
2/3 affected for AMD.

Cheers.