From owner-freebsd-arch@freebsd.org Fri Jan 5 15:26:04 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2D58BEAF1FE for ; Fri, 5 Jan 2018 15:26:04 +0000 (UTC) (envelope-from repeatable_compression@yahoo.com) Received: from sonic306-21.consmr.mail.ne1.yahoo.com (sonic306-21.consmr.mail.ne1.yahoo.com [66.163.189.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DB4E66DB11 for ; Fri, 5 Jan 2018 15:26:03 +0000 (UTC) (envelope-from repeatable_compression@yahoo.com) X-YMail-OSG: _SddRmcVM1nJxZCtrZgFURVxnQKAGb2iASLhSLJnIiLQbCS6oOI8qaV3dM1hi4w SuR4XEcrNnbotGWzz2cB1RcWpSB1xsID_7tekZTsYHGjwmwhBZUX3Uxfer74oK8ZZpq8DHeO5LEY eeuAb2eFA0_m8B3xyJ0U9s7AytItHsCZ2yzBpQ0SVkTfx.35GjTd0xjGnxD7fy5Qy78qAvRFRsfQ ZNhBUrCcDhnNBIutlsAj5myteoKJ6ntp2NWJeF_A2g2fE84MDuDpIkG3d2Jc_3QRHuWg2.avm5ZM 4da9fZS0GqBoVA8_ekbGtdIOen3sOKRQsarEddWTozNERLkluYwivu3wNG1Gra.4Dbh7zxMjNU5H Ygk40Y9ORP7d7EB11heasRrxS71RutuocaLB4dtCiPv.moiQvwyFRwC8SHS2NcWahwFfIvURAPJt hplC7FHgei1GlSYZHPAvV6Zp7zHb5Rzw8XdNxdkRVR85EoNzCwHRicSwc4O9q4oRvn7_tNhaVrNR FFCBnZyqu3qz5DNmNLgU9Hw-- Received: from sonic.gate.mail.ne1.yahoo.com by sonic306.consmr.mail.ne1.yahoo.com with HTTP; Fri, 5 Jan 2018 15:25:57 +0000 Date: Fri, 5 Jan 2018 15:25:34 +0000 (UTC) From: Jules Gilbert To: =?UTF-8?Q?Dag-Erling_Sm=C3=B8rgrav?= Cc: "Ronald F. Guilmette" , Eric McCorkle , Freebsd Security , Poul-Henning Kamp , "freebsd-arch@freebsd.org" , FreeBSD Hackers , Shawn Webb , Nathan Whitehorn Message-ID: <302406914.1010662.1515165934929@mail.yahoo.com> In-Reply-To: <861sj4tlak.fsf@desk.des.no> References: <736a2b77-d4a0-b03f-8a6b-6a717f5744d4@metricspace.net> <2594.1515141192@segfault.tristatelogic.com> <809675000.867372.1515146821354@mail.yahoo.com> <861sj4tlak.fsf@desk.des.no> Subject: Re: Intel hardware bug MIME-Version: 1.0 X-Mailer: WebService/1.1.11150 YMailNorrin Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:57.0) Gecko/20100101 Firefox/57.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jan 2018 15:26:04 -0000 Ah, sorry I'm wrong.=C2=A0 I apologize.=C2=A0 I won't intrude further.=C2= =A0 I spoke up because selectively choosing to read sections of kernel memo= ry is one thing, obtaining useful information from an arbitrary block of ke= rnel memory you don't get to choose is quite another. But their are several people here I respect very much and if they say I'm w= rong about an area they focus on,... me bad. On Friday, January 5, 2018, 9:48:50 AM EST, Dag-Erling Sm=C3=B8rgrav wrote: =20 =20 Jules Gilbert writes: > Sorry guys, you just convinced me that no one, not the NSA, not the > FSB, no one!, has in the past, or will in the future be able to > exploit this to actually do something not nice. The technique has already been proven by multiple independent parties to work quite well, allowing an attacker to read kernel memory at speeds of up to 500 kB/s.=C2=A0 But I guess you know better... DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no =20 From owner-freebsd-arch@freebsd.org Fri Jan 5 15:53:01 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BABB9EB0A16; Fri, 5 Jan 2018 15:53:01 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from mail.metricspace.net (mail.metricspace.net [IPv6:2001:470:1f11:617::107]) by mx1.freebsd.org (Postfix) with ESMTP id 921806F00F; Fri, 5 Jan 2018 15:53:01 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from [192.168.43.57] (mobile-166-171-187-244.mycingular.net [166.171.187.244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: eric) by mail.metricspace.net (Postfix) with ESMTPSA id 1FE5D8900; Fri, 5 Jan 2018 15:35:14 +0000 (UTC) Subject: Re: Intel hardware bug To: =?UTF-8?Q?C_Bergstr=c3=b6m?= Cc: Freebsd Security , "freebsd-arch@freebsd.org" , FreeBSD Hackers References: <736a2b77-d4a0-b03f-8a6b-6a717f5744d4@metricspace.net> <2594.1515141192@segfault.tristatelogic.com> <809675000.867372.1515146821354@mail.yahoo.com> <250f3a77-822b-fba5-dcd7-758dfec94554@metricspace.net> From: Eric McCorkle Message-ID: <755a65eb-b02e-05c5-e1a2-701cfd8bc837@metricspace.net> Date: Fri, 5 Jan 2018 10:35:13 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jan 2018 15:53:01 -0000 On 01/05/2018 09:55, C Bergström wrote: > Don't bet on it.  There's reports of AMD vulnerabilities, also for ARM. > I doubt any major architecture is going to make it out unscathed.  (But > if one does, my money's on Power) > > > Nope, the only arch that I'm aware of that gets past this is SPARC(hah!) > due to the seperate userland and kernel memory virtualization. Alas, poor Sparc. I knew them, Horatio... It looks like Red Hat is indeed reporting Power9 to be vulnerable: https://access.redhat.com/security/vulnerabilities/speculativeexecution Unfortunate. I hope they get fixed silicon out in time for the Talos II workstation.