From owner-freebsd-security@freebsd.org Mon Mar 19 02:48:11 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0827EF69B0F for ; Mon, 19 Mar 2018 02:48:11 +0000 (UTC) (envelope-from carpeddiem@gmail.com) Received: from mail-it0-x234.google.com (mail-it0-x234.google.com [IPv6:2607:f8b0:4001:c0b::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8983B74020 for ; Mon, 19 Mar 2018 02:48:10 +0000 (UTC) (envelope-from carpeddiem@gmail.com) Received: by mail-it0-x234.google.com with SMTP id u5-v6so8454539itc.1 for ; Sun, 18 Mar 2018 19:48:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=H4G0UxsiZza96nD17gzP6kisnAeUoCF6Vv+lUHL7vfg=; b=YOgDWDSYjcwZTyTAtHd4UsQeX+D4G2hhXI+cI198dEpdAALdI00rzuHdrxr9uwjN6g r08zbJRYpw1iIW+aGIp3SXd5OfXBLx2lPehhTviAOV4i/jUxrhTaWwT60iXYd/tvTkCQ hK67TR1869KOEuuHENqPh7QpoJbXYANI02Is1u0rB+J2k1tbkc9i6MbrZE2OFJFHe7iS PcCmbLtKsurPQWEcNGUEuZeUvW60kqYggCHjsuV9G94Zbyjn5bMlcttywa4ktoRAJoDr KNoYEcjj0D1jxwnqE2U/PSR3cb8m56fFkMHK3hWWoVJGxEillnFHtKs4TNujqI2dKvEH e0JQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=H4G0UxsiZza96nD17gzP6kisnAeUoCF6Vv+lUHL7vfg=; b=HW5K3OAD0g4pRkj0jbO1/l3sJFg0FaTmgjdKaCGNAeJLhKqcPwUsPfrKxIHTu7ZSXg TYMh6lTu9lFL2rJHw+RsBFoCSfe9mUuqdzKwpR9oxJ5VtT18k72He7kC7027LO6LG/3g Npnc5oq7XAzUDhxc3pSenDGqAdLa79umY4wvp98egUsLZgpcGO5JIuJ1v9CtrekBWq6R Fi2qNeKip8JKc7u514V65v+XXie96nU0U/Q1Mj4+TPF8vr1D+9T1tuy1939NCGGy+bbI dODofS36xS9LRjHPsV8y4/cBWaJlWUcT2FbWtotneQMq7cH5iTer5Iqq4foFejhRHJQC 6RJA== X-Gm-Message-State: AElRT7ELZOqaqu1lmPyikAwNh6g5B+egah+sqeZY+R33jYsUIf5A04Qs 8BmAPEf/2KVsLAWgeSBcCAkQ3SjgYv55+jxJ7xmAdw== X-Google-Smtp-Source: AG47ELsNHZ08NSMyB9dHexUDXUZw1KAAeTkhbwHey2z0Fv9P6hnySCbholG46OzAqjKzyhDurM3ltDCgQSNpVcRTu4M= X-Received: by 2002:a24:d241:: with SMTP id z62-v6mr10102508itf.49.1521427689886; Sun, 18 Mar 2018 19:48:09 -0700 (PDT) MIME-Version: 1.0 Sender: carpeddiem@gmail.com Received: by 10.107.163.13 with HTTP; Sun, 18 Mar 2018 19:47:49 -0700 (PDT) In-Reply-To: <8deba9d2-17b5-9088-1766-42f9e334df89@demter.de> References: <20180314042924.E880D1128@freefall.freebsd.org> <337d9fd4-2aa4-609a-6a00-e9ce2be599cc@netfence.it> <8deba9d2-17b5-9088-1766-42f9e334df89@demter.de> From: Ed Maste Date: Sun, 18 Mar 2018 22:47:49 -0400 X-Google-Sender-Auth: ALYnSkuEuSRLb43b1khjnHSFlZM Message-ID: Subject: Re: FreeBSD Security Advisory FreeBSD-SA-18:03.speculative_execution To: Jan Demter Cc: Andrea Venturoli , freebsd-security@freebsd.org Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Mar 2018 02:48:11 -0000 On 18 March 2018 at 13:54, Jan Demter wrote: > Hi Andrea! > > Am 16.03.18 um 17:11 schrieb Andrea Venturoli via freebsd-security: >> >> On 03/14/18 05:29, FreeBSD Security Advisories wrote: >>> >>> # sysctl vm.pmap.pti >>> vm.pmap.pti: 1 >> >> Of course I find this enabled on the Intel box and not on the AMD one, >> but... is PTI in any way affected by a microcode update from Intel? > > From what I have read so far, I'm pretty certain it isn't planned or even > possible to patch this via a microcode update. That is correct. Meltdown won't ever be fixed with a microcode update as far as we know, and no microcode update is required for the PTI mitigation. There's one small wrinkle: there are some recent lower-end processors (at least some recent Celerons) which it seems are not susceptible to Meltdown, and after a microcode update will set a bit to indicate this. In that case a microcode update will cause FreeBSD to switch from enabling PTI to disabling it by default -- but that CPU is not affected by Meltdown, with or without the update. > IBRS does not seem to be enabled by default: > https://reviews.freebsd.org/rS328625 > "For existing processors, you need a microcode update which adds IBRS > CPU features, and to manually enable it by setting the tunable/sysctl > hw.ibrs_disable to 0." That is true. Further, we expect the compiler-based retpoline to be the usual mitigation used for Spectre V2, for CPUs before Skylake. Development work for this is still ongoing in -CURRENT.