From owner-freebsd-current@freebsd.org Fri Jan 5 12:00:38 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 63132EA410C for ; Fri, 5 Jan 2018 12:00:38 +0000 (UTC) (envelope-from freebsd.ed.lists@sumeritec.com) Received: from mx12-out5.antispamcloud.com (mx12-out5.antispamcloud.com [46.165.232.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6AEEA652FE; Fri, 5 Jan 2018 12:00:37 +0000 (UTC) (envelope-from freebsd.ed.lists@sumeritec.com) Received: from [153.92.8.106] (helo=srv31.niagahoster.com) by mx18.antispamcloud.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1eXQfm-0002MQ-0X; Fri, 05 Jan 2018 13:00:34 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sumeritec.com; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:References:In-Reply-To:Message-ID:Subject:Cc:To:From:Date:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=F/SYQIEzWWD3Kr79R7WlogZ87Ws8OUFnHe13XgBiBlg=; b=Ykh5oJOzmUap+oabCBuAZS4b2z dka+fhkl1EuawzhnowV7X379Bdg7nbpvnLXVe15JEkRGQSQAWLGDHCwsZTPWVqPunxIOUfTpm3PNE tE693Qosla+61rLZfH6hSBlO824Hh/p9n7pfsHyXawDGZndGVG7tJCbw+YeVJbPVBieeoCPOjB7Zx JfQ2XxqWioOTUdTOGI/M3Ja7NytJHMPVzdfoX1ZC2hs679qCgjWTo1eP6Z3B5V3VJbkMLCaKOmsPf 4BP7oUTDqmKgpNbHstlUGMLYIhs8ZmNBAf8lmgSSTzAfl39nMqL2f0tpTAPatL97xyLiUeeLkSp0f VR6FLEgA==; Received: from subs08-103-10-67-172.three.co.id ([103.10.67.172]:7457 helo=X220.sumeritec.com) by srv31.niagahoster.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1eXQf0-0004Sr-2O; Fri, 05 Jan 2018 18:59:42 +0700 Date: Fri, 5 Jan 2018 19:59:36 +0800 From: Erich Dollansky To: Stefan Esser Cc: Darren Reed , freebsd-current@freebsd.org Subject: Re: Intel CPU design flaw - FreeBSD affected? Message-ID: <20180105195936.1ee7d010.freebsd.ed.lists@sumeritec.com> In-Reply-To: References: <9dda0496-be16-35c6-6c45-63d03b218ccb@protected-networks.net> <5A4E165B.6040809@freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-AuthUser: freebsd.ed.lists@sumeritec.com X-Originating-IP: 153.92.8.106 X-AntiSpamCloud-Domain: out.niagahoster.com X-AntiSpamCloud-Username: niaga Authentication-Results: antispamcloud.com; auth=pass (login) smtp.auth=niaga@out.niagahoster.com X-AntiSpamCloud-Outgoing-Class: unsure X-AntiSpamCloud-Outgoing-Evidence: Combined (0.15) X-Recommended-Action: accept X-Filter-ID: EX5BVjFpneJeBchSMxfU5jgJcvih9WPiZMxRl2c6Esfj1g3/PwYZaTCzSym8uE9HzIbxPIVqjxy7 7ut5T1JsZKYawDn/enV6ZOCLci35UYiEhFubuj47Ea+dR4yDS11UXAQiOAisNwrWhTdeG2lEVgwD nwHNwZgIJoSpWzjYl5d9/HimTUzho/rtpZDweBND8jRMB3uQYVVWSEEANGLyrd7G7JKC7Asx24pl PPXK992H9J9aF7x5U6d+zBlSt7Smv0jyP/hzA/BwFfCEJZxGiyVhjKI1mv7/gl8TuLbpjpy09lQ/ NiVM5N3BzRSwrp9YiuHKVLmpZEAjfPZha+Ic1Rw1CrwEq8BERyizrpQHoGmzMHBHN7zTjT43l4xq lenFgQvuD2UNksTg40BEhfECNwHjGN9mut8PUYrNlSG41Vc3/eFdiE4MkeaGU5VJ/8zFmz1KZ33e OV11Gqa7cLdWCPjz7BY+om/60JF3AmF7Wwo/e5HdHjGVIhFOYAOocn3reYOpkmIkkJyYEVaLX77r VRqZR3KVQgqF/fPYYAfEfshBg9wrN/YiktVyZ+iypN/pUKvhn1TeAR98jj1tnrGcQt8JfdM1EPxb GKDnxOtqDWWjwa6WqpeDCYh7wv5KVmNyK4o+6Zr1C1QaJOl4+/iG4+MRZOqWznTWYsnDz/791Ntu LpPzeWJloZPW+PJIga0yotnGdM8b9HvKTt+ASTDbqZ8KKs8vCPWUJhAr4GGiXmqsGEoBj4KdAYA6 D2KCGmEHbh081pFzipnBgdBNypYk/vUf9oDBqtClgM5jH/om1Q4Dp/8j196Ow66OyXl4ADhpOxZR LsWBrUA5TxiFmKpqXHAuaNhcOyss2ayLfHSIwpjwBTL1+6vDOMemz/4I88NDfFh8W8PouInOS3zz s5ZsyfdCnoIsa5jK4+8oVSkVJaKPvI4UsM402VFVXfqRB7JdMS+4ayUpOtEhdxekWDmK9g== X-Report-Abuse-To: spam@quarantine1.antispamcloud.com X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jan 2018 12:00:38 -0000 Hi, On Thu, 4 Jan 2018 15:33:46 +0100 Stefan Esser wrote: > Am 04.01.18 um 12:56 schrieb Darren Reed: > > On 4/01/2018 11:51 AM, Mark Heily wrote: > >> On Jan 2, 2018 19:05, "Warner Losh" wrote: > >> > >> The register article says the specifics are under embargo still. > >> That would make it hard for anybody working with Intel to comment > >> publicly on the flaw and any mitigations that may be underway. It > >> would be unwise to assume that all the details are out until the > >> embargo lifts. > >> > >> > >> Details of the flaws are now published at: > >> > >> https://meltdownattack.com > > > > The web page has both: meltdown and spectre. > > Most people are only talking about meltdown which doesn't hit AMD. > > spectre impacts *both* Intel and AMD. > > > > SuSE are making available a microcode patch for AMD 17h processors > > that disables branch prediction: > > > > https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html > > Disabling branch prediction will have a very noticeable effect on > execution speed in general (while split page tables only affect > programs that perform system calls at a high frequency). > > I have not fully read the Meltdown and Spectre papers, yet, but I do > assume, that the attack at the branch prediction tries to counter > KASLR, which we do not support at all in FreeBSD. > > So, I guess, we do not have to bother with disabling of branch > prediction in FreeBSD for the time being? > an attack on KASLR will not work, but any other attack will be get data from the kernel out. So, FreeBSD is affected but not by the attacks which will work on the other operating systems. Information still can be extracted. Erich