public inbox for gentoo-user@lists.gentoo.org
From: Rich Freeman <rich0@gentoo.org>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Expect a ~15% average slowdown if you use an Intel processor
Date: Thu, 4 Jan 2018 11:18:43 -0500
Message-ID: <CAGfcS_mHspsszbin+GCo3wQzoKjYWkJ9soEdR_sAv50qB=Bbug@mail.gmail.com>
In-Reply-To: <CAAD4mYjC_s3c+MBDY2VEoOZZ-raoXuEnq1P3JKtV63B5T-nOCQ@mail.gmail.com>

On Thu, Jan 4, 2018 at 10:44 AM, R0b0t1 <r030t1@gmail.com> wrote:
>
> I am still working through the information myself, but it looks like
> BPF filters are an easy way to make sure you have something to look
> for in kernelspace.

My understanding is that for exploit 1 to work you need to have the
kernel execute some code for you, and BPF is a way to do that because
it is a JIT compiler.

The bits about finding where BPF is in kernelspace are for exploit 2,
which requires branching into that code, which requires knowing its
address.

> On Thu, Jan 4, 2018 at 9:44 AM, R0b0t1 <r030t1@gmail.com> wrote:
>> But, if they do,
>
> then AMD processors are susceptible in the same way, and the issue can
> not be fixed. There are some news pieces and commenters claiming that
> AMD processors suffer similar issues.

AMD published this:
https://www.amd.com/en/corporate/speculative-execution

This tends to go along with Google's statement that AMD is vulnerable
to variant 1, but not 2 or 3.

There is plenty of speculation going on with the hazy info that was
provided, but none of the original sources suggest that AMD is
vulnerable to variant 3.  For variants 1/2 Google says that AMD is
susceptible to only 1, and the white paper says that they're
vulnerable to either 1/2 but they don't say which specifically.

In any case, short of somebody publishing actual exploit code so that
people can run their own tests, I'm going to go with AMD.  Nobody
reputable is outright contradicting their statements.  For variant 1
the only known vulnerability is BPF which probably next to nobody
uses, and for variant 2 there really aren't any alternatives available
right now anyway.

-- 
Rich
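
As an added example, not part of Rich's message or the thread: a shell check that reads what the running kernel itself reports for the three variants discussed above, and whether the BPF JIT and unprivileged bpf() are enabled. The sysfs and sysctl paths are standard Linux ones on kernels that export them; `CHECK_ROOT` is a hypothetical override for pointing the functions at a constructed directory tree.

```shell
#!/bin/sh
# Added example, not from the thread. CHECK_ROOT is a hypothetical override
# that lets the functions read a constructed directory tree instead of "/".

knob() {  # print a file's contents without newlines, or "absent"
    if [ -r "$1" ]; then tr -d '\n' < "$1"; else printf 'absent'; fi
}

variant_status() {  # $1 = variant number as used in the thread (1, 2 or 3)
    case "$1" in
        1) name=spectre_v1 ;;   # bounds check bypass
        2) name=spectre_v2 ;;   # branch target injection
        3) name=meltdown ;;     # rogue data cache load
        *) printf 'unknown variant'; return 2 ;;
    esac
    knob "${CHECK_ROOT:-}/sys/devices/system/cpu/vulnerabilities/$name"
}

bpf_summary() {
    jit=$(knob "${CHECK_ROOT:-}/proc/sys/net/core/bpf_jit_enable")
    unpriv=$(knob "${CHECK_ROOT:-}/proc/sys/kernel/unprivileged_bpf_disabled")
    case "$jit" in
        0)   j="jit=off" ;;
        1|2) j="jit=on" ;;      # 2 is JIT plus debug output
        *)   j="jit=unknown" ;;
    esac
    # This sysctl gates the bpf() syscall only, not classic socket filters.
    case "$unpriv" in
        0)   u="unpriv_bpf=allowed" ;;
        1|2) u="unpriv_bpf=blocked" ;;
        *)   u="unpriv_bpf=unknown" ;;
    esac
    printf '%s %s' "$j" "$u"
}

report() {
    for v in 1 2 3; do
        printf 'variant %s: %s\n' "$v" "$(variant_status "$v")"
    done
    printf 'bpf: %s\n' "$(bpf_summary)"
}

report
```

A value of "absent" means the kernel does not export that file, which on older kernels says nothing either way about whether the CPU is affected.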

