Date: Fri, 5 Jan 2018 13:44:46 -0500 From: Eric McCorkle <eric@metricspace.net> To: freebsd-security@freebsd.org Subject: Re: Intel hardware bug Message-ID: <c61bbcc1-28d6-7345-a122-e2d003faabcc@metricspace.net> In-Reply-To: <df99a36a-4e81-58c2-284e-c2fcdebb6040@freebsd.org> References: <736a2b77-d4a0-b03f-8a6b-6a717f5744d4@metricspace.net> <2594.1515141192@segfault.tristatelogic.com> <809675000.867372.1515146821354@mail.yahoo.com> <250f3a77-822b-fba5-dcd7-758dfec94554@metricspace.net> <CAOnawYpe5V-kUn4tLWKyBcDmsKqUP9-VNRhfDG48VMFWFbq6Vw@mail.gmail.com> <df99a36a-4e81-58c2-284e-c2fcdebb6040@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 01/05/2018 11:40, Nathan Whitehorn wrote: > POWER has the same thing. It's actually stronger separation, since user > processes don't share addresses either -- all processes, including the > kernel, have windowed access to an 80-bit address space, so no process > can even describe an address in another process's address space. There > are ways, of course, in which IBM could have messed up the > implementation, so the fact that it *should* be secure does not mean it > *is*. That's interesting, as it conflicts with Red Hat's vulnerability disclosure. It that because the silicon is buggy, or because Linux somehow ends up being vulnerable when it need not be? > > SPARC avoids the issue because almost all implementations are in-order. Definitely not true of the post-Oracle models. I saw a tech talk on the core once.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c61bbcc1-28d6-7345-a122-e2d003faabcc>