Date: Tue, 02 Jan 2018 16:56:16 -0800 From: Cy Schubert <Cy.Schubert@komquats.com> To: freebsd-current@freebsd.org, Zaphod Beeblebrox <zbeeble@gmail.com>, Michael Butler <imb@protected-networks.net> Cc: FreeBSD Current <freebsd-current@freebsd.org> Subject: RE: Intel CPU design flaw - FreeBSD affected? Message-ID: <3720C563-77D8-4B9C-BFA7-082B91575506@cschubert.com> In-Reply-To: <20180103002445.2F9292E8@spqr.komquats.com> References: <20180103002445.2F9292E8@spqr.komquats.com>
index | next in thread | previous in thread | raw e-mail
On January 2, 2018 4:24:55 PM PST, Cy Schubert <Cy.Schubert@komquats.com> wrote: >https://mobile.twitter.com/grsecurity/status/948170302286172160?p=v > >--- >Sent using a tiny phone keyboard. >Apologies for any typos and autocorrect. >Also, this old phone only supports top post. Apologies. > >Cy Schubert ><Cy.Schubert@cschubert.com> or <cy@freebsd.org> >The need of the many outweighs the greed of the few. >--- > >-----Original Message----- >From: Zaphod Beeblebrox >Sent: 02/01/2018 15:50 >To: Michael Butler >Cc: FreeBSD Current >Subject: Re: Intel CPU design flaw - FreeBSD affected? > >>From the information that was leaked by AMD claiming that their >processors >didn't have the flaws, it would seem any OS in which the kernel >occupies >the same address space as the userland would be vulnerable. The AMD >post >implied that Intel's speculative execution of code did not check the >validity of the operands before speculatively executing the code. I >suppose the implication is that the security check "catches up" with >the >speculative execution at some point ... and that their (AMD's) >microcode >did check. > >Anyways... for those keeping score at home, this is a privilege >escalation >bug... so it's only really useful in concert with other bugs ... but >still >pretty huge. > >Some estimate that between 5% and 30% performance degradation may be >unavoidable. Some say it's worse or can't be fully fixed. > >Certainly, the sunk cost of current CPUs is a huge issue for server >farm >vendors like Amazon and/or google. > >On Tue, Jan 2, 2018 at 6:13 PM, Michael Butler ><imb@protected-networks.net> >wrote: > >> Has any impact assessment been made as to FreeBSD's exposure or >> mitigation strategies? >> >> 'Kernel memory leaking' Intel processor design flaw forces Linux, >> Windows redesign - The Register >> >> https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ >> >> >_______________________________________________ >freebsd-current@freebsd.org mailing list >https://lists.freebsd.org/mailman/listinfo/freebsd-current >To unsubscribe, send any mail to >"freebsd-current-unsubscribe@freebsd.org" > >_______________________________________________ >freebsd-current@freebsd.org mailing list >https://lists.freebsd.org/mailman/listinfo/freebsd-current >To unsubscribe, send any mail to >"freebsd-current-unsubscribe@freebsd.org" No need for invpcid, https://patchwork.kernel.org/patch/10081791/. --- Cy Schubert <Cy.Schubert@cschubeet.com> or <cy@freebsd.org> -- small keyboard in use, apologies for typos and autocorrect --help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3720C563-77D8-4B9C-BFA7-082B91575506>