On Thu, Jan 4, 2018 at 9:22 PM, R0b0t1 <r03...@gmail.com> wrote: > > I think referring to BPF is a red herring, because it is really the > processor that is at fault. Not BPF. And yes, I'm aware of what AMD > claims.
Of course the processor is at fault. However, in order to exploit the fault on an AMD processor you have to target a function running in the correct priv level. BPF JIT was a way to accomplish this on Linux, because it can be made to run code. If the kernel doesn't contain any susceptible code, then it can't be exploited, because for Spectre to work part of the code has to run with kernel privs. Otherwise an AMD CPU will block the memory accesses before they affect the cache. The only exploit that works entirely with code in userspace is variant 3 (Meltdown), which is Intel-only, because Intel processors will speculatively fetch data at the wrong priv level which affects the cache (though the instruction will not retire). I'm willing to believe that there could be other functions in the kernel other than BPF which are also vulnerable, but which haven't been discovered. If somebody builds a compiler-level fix for this then that could address the problem more completely. I wouldn't be surprised if they're discovering variants of this for a while. Short of disabling cache updates during speculative execution entirely I'm not sure Spectre can be solved at the hardware level, and that probably would have a big performance impact. -- Rich
