From: Warner Losh
Date: Thu, 4 Jan 2018 09:29:16 -0700
Subject: Re: Intel CPU design flaw - FreeBSD affected?
To: Stefan Esser
Cc: Darren Reed, FreeBSD Current

On Thu, Jan 4, 2018 at 7:33 AM, Stefan Esser wrote:

> On 04.01.18 at 12:56, Darren Reed wrote:
> > On 4/01/2018 11:51 AM, Mark Heily wrote:
> >> On Jan 2, 2018 19:05, "Warner Losh" wrote:
> >>
> >> The register article says the specifics are under embargo still. That would
> >> make it hard for anybody working with Intel to comment publicly on the flaw
> >> and any mitigations that may be underway. It would be unwise to assume that
> >> all the details are out until the embargo lifts.
> >>
> >>
> >> Details of the flaws are now published at:
> >>
> >> https://meltdownattack.com
> >
> > The web page has both: meltdown and spectre.
> > Most people are only talking about meltdown which doesn't hit AMD.
> > spectre impacts *both* Intel and AMD.
> >
> > SuSE are making available a microcode patch for AMD 17h processors that
> > disables branch prediction:
> >
> > https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html
>
> Disabling branch prediction will have a very noticeable effect on execution
> speed in general (while split page tables only affect programs that perform
> system calls at a high frequency).
>
> I have not fully read the Meltdown and Spectre papers, yet, but I do assume,
> that the attack at the branch prediction tries to counter KASLR, which we do
> not support at all in FreeBSD.
>
> So, I guess, we do not have to bother with disabling of branch prediction in
> FreeBSD for the time being?

Branch prediction has nothing to do with defeating KASLR. It's rather the
whole crux of the attack. Disabling it is one way to prevent Spectre. The
only thing that will help Meltdown, though, is separate page tables. It's
only an incidental footnote that these methods don't care about KASLR and
KASLR isn't at all effective in blunting these attacks.

Warner