From owner-freebsd-current@freebsd.org Thu Jan 4 14:43:59 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CB7D4EB93CC for ; Thu, 4 Jan 2018 14:43:59 +0000 (UTC) (envelope-from se@freebsd.org) Received: from sonic311-44.consmr.mail.ir2.yahoo.com (sonic311-44.consmr.mail.ir2.yahoo.com [77.238.176.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 69E936C480 for ; Thu, 4 Jan 2018 14:43:58 +0000 (UTC) (envelope-from se@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1515077036; bh=8dD6Iyx7XTShKAVSC3TY24Ys5hU/UG0vnb1+XpaH/xE=; h=Subject:To:References:From:Date:In-Reply-To:From:Subject; b=TkOSf+NRSH3MlODOylqEHec1Zy7MJGO1QGBZmGQ7I69IuPhYw2psy4f11m3oMwbtqPt0GR1Z2p1am8LbVrMAMFKODpbHfwThJ7s+pHsWdmkGcatD9qCV6U3rM/Tc/cNGLy1tby0GXA8r9glkxxuZeAOb9GBwOQJSlYP3BaylmRT2wyVBTGLlV5EGUB0A2iGWRh5GXJ18FjrXq0rujx9cX6THhztcmWQ/5lHNUMDzVLe91R699L8ZBDjzM5P3Xc3VP3MuJH7CaqJNZ/RnYWEBaVWCPf/lE22iCVbd6Ed37N/G75vowA7dlPmkApMvcg+OfN6ytvA//LmHqJRS+vjDXg== X-YMail-OSG: zXghkbAVM1mjt8AjUP0EOkIG7JT4d6pwzQC3c9PsQLf17PES8czopYsJAFF8U.W Pcgwj7umYpFIXVyFMN4GKo.dwy.PHVT4jQnbxI6LBgcEPMxHqh2Pd4r5wSrW_FrBR0XroVKcGkdv T2cj1nmleQ7RUVvl4GsP1nwURsiR3HhnMWfcrvaDeFODP1nFM0j6iG2A79K5NR9GJ03Xs2EEP9ly FQEEVJ6NWSjNkD5wDBgEONcVYr3G3FcHRivD8d6w2XpyEcKLcmb1.FKqEU3L1bGSY1cGMjeEQvm_ BNw6ombCS_JSbesWkZKU_uNNHRmJrv2ppo0w1Ug8nryPJ6dgCL5pzhODPVrrhUbHd0ni0eFyku_B Vih0rwYoqqhFM6d787DfjSzLaQMHv.tZec8v09Et._WKH1HoS51zATj.2QpjTM5gPKbtlD_hjNgF Qz10flb841tEH3hm89mUbeplZNBSqK1nziWhQaejvS_hay.VrlyN0rEBFpYllOIZ_B7JM8xIxa3W crJTD Received: from sonic.gate.mail.ne1.yahoo.com by sonic311.consmr.mail.ir2.yahoo.com with HTTP; Thu, 4 Jan 2018 14:43:56 +0000 Received: from smtp173.mail.ir2.yahoo.com (EHLO Stefans-MBP-LAN.fritz.box) ([46.228.39.40]) by smtp416.mail.ir2.yahoo.com (JAMES SMTP Server ) with ESMTPA ID 874695c029da76230379335eba512b96; Thu, 04 Jan 2018 14:33:47 +0000 (UTC) Subject: Re: Intel CPU design flaw - FreeBSD affected? To: Darren Reed , freebsd-current@freebsd.org References: <9dda0496-be16-35c6-6c45-63d03b218ccb@protected-networks.net> <5A4E165B.6040809@freebsd.org> From: Stefan Esser Message-ID: Date: Thu, 4 Jan 2018 15:33:46 +0100 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: <5A4E165B.6040809@freebsd.org> Content-Type: text/plain; charset=windows-1252 Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Jan 2018 14:43:59 -0000 Am 04.01.18 um 12:56 schrieb Darren Reed: > On 4/01/2018 11:51 AM, Mark Heily wrote: >> On Jan 2, 2018 19:05, "Warner Losh" wrote: >> >> The register article says the specifics are under embargo still. That would >> make it hard for anybody working with Intel to comment publicly on the flaw >> and any mitigations that may be underway. It would be unwise to assume that >> all the details are out until the embargo lifts. >> >> >> Details of the flaws are now published at: >> >> https://meltdownattack.com > > The web page has both: meltdown and spectre. > Most people are only talking about meltdown which doesn't hit AMD. > spectre impacts *both* Intel and AMD. > > SuSE are making available a microcode patch for AMD 17h processors that > disables branch prediction: > > https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html Disabling branch prediction will have a very noticeable effect on execution speed in general (while split page tables only affect programs that perform system calls at a high frequency). I have not fully read the Meltdown and Spectre papers, yet, but I do assume, that the attack at the branch prediction tries to counter KASLR, which we do not support at all in FreeBSD. So, I guess, we do not have to bother with disabling of branch prediction in FreeBSD for the time being? Regards, STefan