From owner-freebsd-arch@freebsd.org  Fri Jan  5 20:20:18 2018
Return-Path: <owner-freebsd-arch@freebsd.org>
Delivered-To: freebsd-arch@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id BBAB3EBE46C
 for <freebsd-arch@mailman.ysv.freebsd.org>;
 Fri,  5 Jan 2018 20:20:18 +0000 (UTC)
 (envelope-from jan@digitaldaemon.com)
Received: from digitaldaemon.com (digitaldaemon.com [162.217.114.50])
 by mx1.freebsd.org (Postfix) with SMTP id 57D057C425
 for <freebsd-arch@freebsd.org>; Fri,  5 Jan 2018 20:20:18 +0000 (UTC)
 (envelope-from jan@digitaldaemon.com)
Received: (qmail 64581 invoked by uid 89); 5 Jan 2018 20:12:51 -0000
Received: from c-24-0-179-87.hsd1.nj.comcast.net (HELO iMac.local)
 (jan@digitaldaemon.com@24.0.179.87)
 by digitaldaemon.com with SMTP; 5 Jan 2018 20:12:51 -0000
Subject: Re: Intel hardware bug
To: Freddie Cash <fjwcash@gmail.com>
Cc: Freebsd Security <freebsd-security@freebsd.org>,
 FreeBSD Hackers <freebsd-hackers@freebsd.org>,
 "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>
References: <20180105191145.404BC335@spqr.komquats.com>
 <CAOjFWZ6cJ8C+huRukZ39pW+7dkfZmZaC81YkXS6OovX9PB6XbQ@mail.gmail.com>
From: Jan Knepper <jan@digitaldaemon.com>
Message-ID: <65e5dcae-b973-a54e-868e-bdc4abf007cb@digitaldaemon.com>
Date: Fri, 5 Jan 2018 15:12:50 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0)
 Gecko/20100101 Thunderbird/52.5.2
MIME-Version: 1.0
In-Reply-To: <CAOjFWZ6cJ8C+huRukZ39pW+7dkfZmZaC81YkXS6OovX9PB6XbQ@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch/>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jan 2018 20:20:18 -0000

Thank you!

The news indeed does not properly understand the difference, nor which 
problem affects which hardware/CPU and in many ways acts like it is "the 
end of the world".



On 01/05/2018 14:53, Freddie Cash wrote:
> On Fri, Jan 5, 2018 at 11:11 AM, Cy Schubert <Cy.Schubert@cschubert.com>
> wrote:
>
>> According to a Red Hat announcement, Power and Series z are also
>> vulnerable.
>> ​
>>
> ​There's a lot of confusion in the media, press releases, and announcements
> due to conflating Spectre and Meltdown.
>
> Meltdown (aka CVE-2017-5754) is the issue that affects virtually all Intel
> CPUs and specific ARM Cortex-A CPUs.  This allows read-access to kernel
> memory from unprivileged processes (ring 3 apps get read access to ring 0
> memory).​  IBM POWER, Oracle Sparc, and AMD Zen are not affected by this
> issue as they provide proper separation between kernel memory maps and
> userland memory maps; or they aren't OoO architectures that use speculative
> execution in this manner.
>
> Spectre (aka CVE-2017-5715 and CVE-2017-5753) is the issue that affects all
> CPUs (Intel, AMD, ARM, IBM, Oracle, etc) and allows userland processes to
> read memory assigned to other userland processes (but does NOT give access
> to kernel memory).
>
> ​IOW, POWER and Sparc are vulnerable to Spectre, but not vulnerable to
> Meltdown.
>