From owner-freebsd-arch@freebsd.org  Sat Jan  6 19:55:17 2018
Return-Path: <owner-freebsd-arch@freebsd.org>
Delivered-To: freebsd-arch@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 873CDDB8C72;
 Sat,  6 Jan 2018 19:55:17 +0000 (UTC)
 (envelope-from jmg@gold.funkthat.com)
Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "gate2.funkthat.com",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 6A0587CD63;
 Sat,  6 Jan 2018 19:55:17 +0000 (UTC)
 (envelope-from jmg@gold.funkthat.com)
Received: from gold.funkthat.com (localhost [127.0.0.1])
 by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id w06JtBre047913
 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO);
 Sat, 6 Jan 2018 11:55:11 -0800 (PST)
 (envelope-from jmg@gold.funkthat.com)
Received: (from jmg@localhost)
 by gold.funkthat.com (8.15.2/8.15.2/Submit) id w06JtBG9047912;
 Sat, 6 Jan 2018 11:55:11 -0800 (PST) (envelope-from jmg)
Date: Sat, 6 Jan 2018 11:55:11 -0800
From: John-Mark Gurney <jmg@funkthat.com>
To: Freddie Cash <fjwcash@gmail.com>
Cc: Freebsd Security <freebsd-security@freebsd.org>,
 FreeBSD Hackers <freebsd-hackers@freebsd.org>,
 "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>
Subject: Re: Intel hardware bug
Message-ID: <20180106195510.GH75576@funkthat.com>
Mail-Followup-To: Freddie Cash <fjwcash@gmail.com>,
 Freebsd Security <freebsd-security@freebsd.org>,
 FreeBSD Hackers <freebsd-hackers@freebsd.org>,
 "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>
References: <20180105191145.404BC335@spqr.komquats.com>
 <CAOjFWZ6cJ8C+huRukZ39pW+7dkfZmZaC81YkXS6OovX9PB6XbQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAOjFWZ6cJ8C+huRukZ39pW+7dkfZmZaC81YkXS6OovX9PB6XbQ@mail.gmail.com>
X-Operating-System: FreeBSD 11.0-RELEASE-p7 amd64
X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7  ED9B D5FF 5A51 C0AC 3D65
X-Files: The truth is out there
X-URL: https://www.funkthat.com/
X-Resume: https://www.funkthat.com/~jmg/resume.html
X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE
X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger?
User-Agent: Mutt/1.6.1 (2016-04-27)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3
 (gold.funkthat.com [127.0.0.1]); Sat, 06 Jan 2018 11:55:11 -0800 (PST)
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch/>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Jan 2018 19:55:17 -0000

Freddie Cash wrote this message on Fri, Jan 05, 2018 at 11:53 -0800:
> Spectre (aka CVE-2017-5715 and CVE-2017-5753) is the issue that affects all
> CPUs (Intel, AMD, ARM, IBM, Oracle, etc) and allows userland processes to
> read memory assigned to other userland processes (but does NOT give access
> to kernel memory).

No, Spectre does not allow one userland process to read another userland
process's memory..  It allows an attacker to read any memory within the
same process..

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."