It is my understanding that because the kernel and userland shared the address space you could cause the cache to be primed with an address from the kernel and the way pipeline "retirement" works the cache would be loaded with data from the address before the invalid access would interrupt things. Thus leaving kernel data in the cache that could get harvested. There are some good explanations out there so take my precis with a hunk of salt. I'm not an infosec professional nor even play one on TV.
-------- Original message --------
From: John McKown <john.archie.mck...@gmail.com>
Date: 1/4/18 11:06 (GMT-05:00)
To: LINUX-390@VM.MARIST.EDU
Subject: Re: [LINUX-390] Meltdown/Spectre; Linux on z affected?

On Thu, Jan 4, 2018 at 9:54 AM, Neale Ferguson <ne...@sinenomine.net> wrote:

> Red hat issued a vulnerability alert and include Z and Power:
> https://access.redhat.com/security/vulnerabilities/speculativeexecution
>
> It provides no details of why. Given the different pipeline architectures
> I'd like to know why.
>
> The fix for Intel et alii appears to be separate address spaces but Z has
> always had that.
>

So, if I am understanding the problem correctly, the exploit is fixed on Linux/Intel by not mapping the kernel data into every user's address space, but separating the user's address space from the kernel's address space. And you are saying that Linux on z always maintained this separation. Or am I still fuzzy on the actual problem?

--
I have a theory that it's impossible to prove anything, but I can't prove it.

Maranatha! <><
John McKown

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/
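The mechanism and the fix discussed in this thread, as a toy simulation added here for illustration (not code from any poster or from the Red Hat advisory). The addresses, latencies and secret are constructed, and the model assumes the behaviour the thread describes: a dependent cache fill happens before the faulting load retires. It makes no claim about how a real Z or Intel pipeline behaves.

```python
# Toy model only: addresses, latencies and the "secret" are constructed values.
KERNEL_BASE = 0xC000                 # hypothetical kernel address
SECRET = b"KEY"                      # constructed kernel data
FAST, SLOW = 10, 200                 # simulated access latency in cycles

class ToyCPU:
    def __init__(self, kernel_mapped):
        # Translations visible while user code runs: addr -> (byte, user_ok)
        self.pages = {0x1000 + i: (b, True) for i, b in enumerate(b"user")}
        if kernel_mapped:            # shared address space, supervisor-only pages
            self.pages.update({KERNEL_BASE + i: (b, False)
                               for i, b in enumerate(SECRET)})
        self.cached_lines = set()    # probe-array lines currently in cache

    def flush(self):
        self.cached_lines.clear()

    def load_and_index_probe(self, addr):
        """User-mode load of addr followed by a dependent probe[value] access."""
        if addr not in self.pages:
            raise MemoryError("no translation")   # no data to forward at all
        value, user_ok = self.pages[addr]
        self.cached_lines.add(value)  # dependent load runs ahead of the check
        if not user_ok:
            raise PermissionError("fault raised at retirement")
        return value

    def probe_latency(self, line):
        return FAST if line in self.cached_lines else SLOW

def recover(kernel_mapped, length=len(SECRET)):
    """Return the bytes inferable from cache state alone after faulting loads."""
    cpu, out = ToyCPU(kernel_mapped), bytearray()
    for offset in range(length):
        cpu.flush()
        try:
            cpu.load_and_index_probe(KERNEL_BASE + offset)
        except (MemoryError, PermissionError):
            pass                      # architecturally the load never succeeds
        fast = [l for l in range(256) if cpu.probe_latency(l) == FAST]
        if len(fast) == 1:            # exactly one warm line identifies the byte
            out.append(fast[0])
    return bytes(out)

if __name__ == "__main__":
    print("shared address space  :", recover(True))
    print("separate address space:", recover(False))
```

With the kernel pages present in the user's translations the faulting loads still leave a readable cache footprint; with them absent there is nothing to load, which is the effect of the address-space separation the thread refers to.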