Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 13 Jul 2012 13:26:18 -0400
From:      Arnaud Lacombe <lacombar@gmail.com>
To:        John Baldwin <jhb@freebsd.org>
Cc:        freebsd-hackers@freebsd.org, Poul-Henning Kamp <phk@phk.freebsd.dk>, Bill Crisp <bcrisp@crispernetworks.com>
Subject:   Re: CVE-2012-0217 Intel's sysret Kernel Privilege Escalation and FreeBSD 6.2/6.3
Message-ID:  <CACqU3MWEAemtEpSdVpngPpSoBWhSi7hEP396U3DeKxZq5CVm%2Bg@mail.gmail.com>
In-Reply-To: <201207131102.14379.jhb@freebsd.org>
References:  <44644.1342190524@critter.freebsd.dk> <201207131102.14379.jhb@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Hi,

On Fri, Jul 13, 2012 at 11:02 AM, John Baldwin <jhb@freebsd.org> wrote:
> On Friday, July 13, 2012 10:42:04 am Poul-Henning Kamp wrote:
>> In message <201207130831.59211.jhb@freebsd.org>, John Baldwin writes:
>>
>> >Every FreeBSD/amd64 kernel in existent is vulnerable.  In truth, my
> personal
>> >opinion is that Intel screwed up their implementation of that instruction
>> >whereas AMD got it right, and we are merely working around Intel's CPU bug.
> :(
>>
>> Given that the instruction set of AMD64 is defined by AMD originally,
>> while Intel was trying very hard to ram Itanic down everybodys
>> throat, that diagnosis is a given:  Intel copied AMD, and difference
>> in functionality is a screwup on Intels part, even if they documented
>> their screwup in their manual.
>>
>> TL;DR: Which part of "compatible" doesn't Intel get ?
>
> In this case, I believe they were just lazy and reused some existing block to
> manage this exception case without properly thinking through the security
> implications of using a user-supplied stack pointer to handle a fault.
>
Just as FreeBSD's developers were lazy when new-bus was designed ?

Honestly, what's the point of this rock throwing and ad-hominem
attacks ? I could start throwing a few more CVE-2009-2936 or
CVE-2009-4488; just to point out nobody's perfect...

 - Arnaud

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACqU3MWEAemtEpSdVpngPpSoBWhSi7hEP396U3DeKxZq5CVm%2Bg>