On January 2, 2018 4:24:55 PM PST, Cy Schubert <Cy.Schubert_at_komquats.com> wrote: >https://mobile.twitter.com/grsecurity/status/948170302286172160?p=v > >--- >Sent using a tiny phone keyboard. >Apologies for any typos and autocorrect. >Also, this old phone only supports top post. Apologies. > >Cy Schubert ><Cy.Schubert_at_cschubert.com> or <cy_at_freebsd.org> >The need of the many outweighs the greed of the few. >--- > >-----Original Message----- >From: Zaphod Beeblebrox >Sent: 02/01/2018 15:50 >To: Michael Butler >Cc: FreeBSD Current >Subject: Re: Intel CPU design flaw - FreeBSD affected? > >>From the information that was leaked by AMD claiming that their >processors >didn't have the flaws, it would seem any OS in which the kernel >occupies >the same address space as the userland would be vulnerable. The AMD >post >implied that Intel's speculative execution of code did not check the >validity of the operands before speculatively executing the code. I >suppose the implication is that the security check "catches up" with >the >speculative execution at some point ... and that their (AMD's) >microcode >did check. > >Anyways... for those keeping score at home, this is a privilege >escalation >bug... so it's only really useful in concert with other bugs ... but >still >pretty huge. > >Some estimate that between 5% and 30% performance degradation may be >unavoidable. Some say it's worse or can't be fully fixed. > >Certainly, the sunk cost of current CPUs is a huge issue for server >farm >vendors like Amazon and/or google. > >On Tue, Jan 2, 2018 at 6:13 PM, Michael Butler ><imb_at_protected-networks.net> >wrote: > >> Has any impact assessment been made as to FreeBSD's exposure or >> mitigation strategies? >> >> 'Kernel memory leaking' Intel processor design flaw forces Linux, >> Windows redesign - The Register >> >> https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ >> >> >_______________________________________________ >freebsd-current_at_freebsd.org mailing list >https://lists.freebsd.org/mailman/listinfo/freebsd-current >To unsubscribe, send any mail to >"freebsd-current-unsubscribe_at_freebsd.org" > >_______________________________________________ >freebsd-current_at_freebsd.org mailing list >https://lists.freebsd.org/mailman/listinfo/freebsd-current >To unsubscribe, send any mail to >"freebsd-current-unsubscribe_at_freebsd.org" No need for invpcid, https://patchwork.kernel.org/patch/10081791/. --- Cy Schubert <Cy.Schubert_at_cschubeet.com> or <cy_at_freebsd.org> -- small keyboard in use, apologies for typos and autocorrect --Received on Tue Jan 02 2018 - 23:56:28 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:14 UTC