From owner-freebsd-current@freebsd.org Wed Jan 3 00:56:28 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B5478E874C7 for ; Wed, 3 Jan 2018 00:56:28 +0000 (UTC) (envelope-from cy.schubert@komquats.com) Received: from smtp-out-no.shaw.ca (smtp-out-no.shaw.ca [64.59.134.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 8B5E27BA12 for ; Wed, 3 Jan 2018 00:56:28 +0000 (UTC) (envelope-from cy.schubert@komquats.com) Received: from spqr.komquats.com ([96.50.22.10]) by shaw.ca with ESMTPA id WXLxeqzakYy1iWXLyeNuXc; Tue, 02 Jan 2018 17:56:22 -0700 X-Authority-Analysis: v=2.2 cv=f8g4PK6M c=1 sm=1 tr=0 a=jvE2nwUzI0ECrNeyr98KWA==:117 a=jvE2nwUzI0ECrNeyr98KWA==:17 a=IkcTkHD0fZMA:10 a=RgaUWeydRksA:10 a=BWvPGDcYAAAA:8 a=JqEG_dyiAAAA:8 a=YxBL1-UpAAAA:8 a=6I5d2MoRAAAA:8 a=zxA2vyXaAAAA:8 a=DjmawdlsAAAA:8 a=VwQbUJbxAAAA:8 a=HoJSghi9AAAA:8 a=zI7Yf533FpMDvwFUVt8A:9 a=fL1G9Pg1z1vS0I4W:21 a=ZHVkXNEHumvy1K2O:21 a=QEXdDO2ut3YA:10 a=pxhY87DP9d2VeQe4joPk:22 a=Ia-lj3WSrqcvXOmTRaiG:22 a=IjZwj45LgO3ly-622nXo:22 a=nK2txNHJmq7TfjpuLlwI:22 a=9WNRskb1zeeanTosM84Z:22 a=AjGcO6oz07-iQ99wixmX:22 a=LeoNfjWMn6diZIv87PBK:22 Received: from [10.168.3.109] (S0106d4ca6d8943b0.gv.shawcable.net [70.66.132.207]) by spqr.komquats.com (Postfix) with ESMTPSA id A356F31F; Tue, 2 Jan 2018 16:56:20 -0800 (PST) Date: Tue, 02 Jan 2018 16:56:16 -0800 User-Agent: K-9 Mail for Android In-Reply-To: <20180103002445.2F9292E8@spqr.komquats.com> References: <20180103002445.2F9292E8@spqr.komquats.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: RE: Intel CPU design flaw - FreeBSD affected? To: freebsd-current@freebsd.org, Zaphod Beeblebrox , Michael Butler CC: FreeBSD Current From: Cy Schubert Message-ID: <3720C563-77D8-4B9C-BFA7-082B91575506@cschubert.com> X-CMAE-Envelope: MS4wfE+PehQcwerC07VeY0lS3B5zGZF+3M6TKrsU70CazhwgEF9s92wfB/MTB6vjA8AvseQhaG2lEmGv8RrJU1j0bN7NApqRzcv0KoN0qL/uXXc+aLuvuljI +pcyKGg8SjY7SN7nb9+BqvdmVgGC5xd+TG/5ppClXSdzL4AxMkxiJ9vt3sBtigBOBKBa+Su22iyw5ZOsderOXaOLspNr9A+NOhaidUCVnu2blU+ZszGyzIN2 Z1guQUEp6tBlDV2exls03bZJLVKbs8Hfw/zESBGDS00= X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jan 2018 00:56:28 -0000 On January 2, 2018 4:24:55 PM PST, Cy Schubert wrote: >https://mobile=2Etwitter=2Ecom/grsecurity/status/948170302286172160?p=3Dv > >--- >Sent using a tiny phone keyboard=2E >Apologies for any typos and autocorrect=2E >Also, this old phone only supports top post=2E Apologies=2E > >Cy Schubert > or >The need of the many outweighs the greed of the few=2E >--- > >-----Original Message----- >From: Zaphod Beeblebrox >Sent: 02/01/2018 15:50 >To: Michael Butler >Cc: FreeBSD Current >Subject: Re: Intel CPU design flaw - FreeBSD affected? > >>From the information that was leaked by AMD claiming that their >processors >didn't have the flaws, it would seem any OS in which the kernel >occupies >the same address space as the userland would be vulnerable=2E The AMD >post >implied that Intel's speculative execution of code did not check the >validity of the operands before speculatively executing the code=2E I >suppose the implication is that the security check "catches up" with >the >speculative execution at some point =2E=2E=2E and that their (AMD's) >microcode >did check=2E > >Anyways=2E=2E=2E for those keeping score at home, this is a privilege >escalation >bug=2E=2E=2E so it's only really useful in concert with other bugs =2E=2E= =2E but >still >pretty huge=2E > >Some estimate that between 5% and 30% performance degradation may be >unavoidable=2E Some say it's worse or can't be fully fixed=2E > >Certainly, the sunk cost of current CPUs is a huge issue for server >farm >vendors like Amazon and/or google=2E > >On Tue, Jan 2, 2018 at 6:13 PM, Michael Butler > >wrote: > >> Has any impact assessment been made as to FreeBSD's exposure or >> mitigation strategies? >> >> 'Kernel memory leaking' Intel processor design flaw forces Linux, >> Windows redesign - The Register >> >> https://www=2Etheregister=2Eco=2Euk/2018/01/02/intel_cpu_design_flaw/ >> >> >_______________________________________________ >freebsd-current@freebsd=2Eorg mailing list >https://lists=2Efreebsd=2Eorg/mailman/listinfo/freebsd-current >To unsubscribe, send any mail to >"freebsd-current-unsubscribe@freebsd=2Eorg" > >_______________________________________________ >freebsd-current@freebsd=2Eorg mailing list >https://lists=2Efreebsd=2Eorg/mailman/listinfo/freebsd-current >To unsubscribe, send any mail to >"freebsd-current-unsubscribe@freebsd=2Eorg" No need for invpcid, https://patchwork=2Ekernel=2Eorg/patch/10081791/=2E --- Cy Schubert or -- small keyboard in use, apologies for typos and autocorrect --