Re: [DNG] Meltdown and linux kernel KPTI patch

2018-01-10 Thread viverna 
il devuanizzato KatolaZ  il 09-01-18 18:54:58 ha scritto:
> Just to confirm that a patched kernel for jessie is available in
> jessie-security, as reported at the URL above.
> 
> HND
> 
> KatolaZ
Thank you.

-- 
viverna
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Meltdown and linux kernel KPTI patch

2018-01-09 Thread KatolaZ 
On Mon, Jan 08, 2018 at 08:57:10AM +, KatolaZ wrote:
> On Sun, Jan 07, 2018 at 09:03:16PM +0100, viverna wrote:
> > il devuanizzato KatolaZ  il 06-01-18 19:45:27 ha 
> > scritto:
> > > On Fri, Jan 05, 2018 at 09:52:48PM +0100, viverna wrote:
> > > > When the KPTI patch will be in ascii and jessie?
> > > The patched kernel is already in ascii, if you have ascii-security
> > > enabled, and comes directly from stretch.
> > Wonderful, thanks for the {f,w}ork.
> > I don't know but is it possible for Devuan jessie to apply KPTI patch?
> > 
> 
> I guess the patch will be available soon from Debian. Just keep an eye
> on:
> 
>   https://security-tracker.debian.org/tracker/CVE-2017-5754
> 

Just to confirm that a patched kernel for jessie is available in
jessie-security, as reported at the URL above.

HND

KatolaZ

-- 
[ ~.,_  Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab  ]  
[ "+.  katolaz [at] freaknet.org --- katolaz [at] yahoo.it  ]
[   @)   http://kalos.mine.nu ---  Devuan GNU + Linux User  ]
[ @@)  http://maths.qmul.ac.uk/~vnicosia --  GPG: 0B5F062F  ] 
[ (@@@)  Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ  ]


signature.asc
Description: Digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Meltdown and linux kernel KPTI patch

2018-01-08 Thread Alessandro Selli 
On Mon, 8 Jan 2018 at 08:57:10 +
KatolaZ  wrote:

> On Sun, Jan 07, 2018 at 09:03:16PM +0100, viverna wrote:
>> il devuanizzato KatolaZ  il 06-01-18 19:45:27 ha
>> scritto:  
>> > On Fri, Jan 05, 2018 at 09:52:48PM +0100, viverna wrote:  
>> > > When the KPTI patch will be in ascii and jessie?  
>> > The patched kernel is already in ascii, if you have ascii-security
>> > enabled, and comes directly from stretch.  
>> Wonderful, thanks for the {f,w}ork.
>> I don't know but is it possible for Devuan jessie to apply KPTI patch?
>>   
>
> I guess the patch will be available soon from Debian. Just keep an eye
> on:
> 
>   https://security-tracker.debian.org/tracker/CVE-2017-5754

  For those who compile their own custom kernels, the patch is in releases
4.9.75 (stable branch) and 4.14.11 (current).  It's the new configuration
item CONFIG_PAGE_TABLE_ISOLATION.



-- 
Alessandro Selli http://alessandro.route-add.net
VOIP SIP: dhatarat...@ekiga.net
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Meltdown and linux kernel KPTI patch

2018-01-08 Thread KatolaZ 
On Sun, Jan 07, 2018 at 09:03:16PM +0100, viverna wrote:
> il devuanizzato KatolaZ  il 06-01-18 19:45:27 ha 
> scritto:
> > On Fri, Jan 05, 2018 at 09:52:48PM +0100, viverna wrote:
> > > When the KPTI patch will be in ascii and jessie?
> > The patched kernel is already in ascii, if you have ascii-security
> > enabled, and comes directly from stretch.
> Wonderful, thanks for the {f,w}ork.
> I don't know but is it possible for Devuan jessie to apply KPTI patch?
> 

I guess the patch will be available soon from Debian. Just keep an eye
on:

  https://security-tracker.debian.org/tracker/CVE-2017-5754

HND

KatolaZ

-- 
[ ~.,_  Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab  ]  
[ "+.  katolaz [at] freaknet.org --- katolaz [at] yahoo.it  ]
[   @)   http://kalos.mine.nu ---  Devuan GNU + Linux User  ]
[ @@)  http://maths.qmul.ac.uk/~vnicosia --  GPG: 0B5F062F  ] 
[ (@@@)  Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ  ]


signature.asc
Description: Digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Meltdown and linux kernel KPTI patch

2018-01-07 Thread viverna 
il devuanizzato KatolaZ  il 06-01-18 19:45:27 ha scritto:
> On Fri, Jan 05, 2018 at 09:52:48PM +0100, viverna wrote:
> > When the KPTI patch will be in ascii and jessie?
> The patched kernel is already in ascii, if you have ascii-security
> enabled, and comes directly from stretch.
Wonderful, thanks for the {f,w}ork.
I don't know but is it possible for Devuan jessie to apply KPTI patch?

-- 
viverna
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Meltdown and linux kernel KPTI patch

2018-01-06 Thread KatolaZ 
On Fri, Jan 05, 2018 at 09:52:48PM +0100, viverna wrote:
> When the KPTI patch will be in ascii and jessie?
> With AMD processor is possible to ignore patch?


The patched kernel is already in ascii, if you have ascii-security
enabled, and comes directly from stretch.

HND

KatolaZ

-- 
[ ~.,_  Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab  ]  
[ "+.  katolaz [at] freaknet.org --- katolaz [at] yahoo.it  ]
[   @)   http://kalos.mine.nu ---  Devuan GNU + Linux User  ]
[ @@)  http://maths.qmul.ac.uk/~vnicosia --  GPG: 0B5F062F  ] 
[ (@@@)  Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ  ]


signature.asc
Description: Digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Meltdown and linux kernel KPTI patch

2018-01-05 Thread Adam Borowski 
On Fri, Jan 05, 2018 at 01:30:13PM -0800, Rick Moen wrote:
> Quoting Renaud (Ron) OLGIATI (ren...@olgiati-in-paraguay.org):
> 
> > ISTR that AMDs are not affected by Meltdown, but affected by Spectre
> 
> _Possibly_.  Quoting the Meltdown FAQ:  'At the moment, it is unclear
> whether ARM and AMD processors are also affected by Meltdown.'
> https://meltdownattack.com/#faq

AMD engineers say none of their x86 CPUs are affected, as they check
permissions before speculating into.

A minority of ARM CPUs do suffer from Meltdown, see:
https://developer.arm.com/support/security-update
for details.  Variant 3 is Meltdown.  Among these, only Cortex-A75 is
affected by attacks believed to be exploitable.

Intel's PR campaign keeps saying everywhere that AMD is affected, but that's
a bold-faced lie that hinges on the fact that one of experimental processors
by AMD (ARM-based Opteron A) is Cortex-A57 which has variant 3a.


On the other hand, indeed AMD (all or almost all) are affected by Spectre.


Basically only in-order CPUs are free of Spectre.  Pinebook FTW!


Meow!
-- 
// If you believe in so-called "intellectual property", please immediately
// cease using counterfeit alphabets.  Instead, contact the nearest temple
// of Amon, whose priests will provide you with scribal services for all
// your writing needs, for Reasonable And Non-Discriminatory prices.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Meltdown and linux kernel KPTI patch

2018-01-05 Thread Rick Moen 
Quoting Renaud (Ron) OLGIATI (ren...@olgiati-in-paraguay.org):

> ISTR that AMDs are not affected by Meltdown, but affected by Spectre

_Possibly_.  Quoting the Meltdown FAQ:  'At the moment, it is unclear
whether ARM and AMD processors are also affected by Meltdown.'
https://meltdownattack.com/#faq

Section 6.4 of the Meltdown research paper gives details:

  We also tried to reproduce the Meltdown bug on several ARM and AMD
  CPUs. However, we did not manage to successfully leak kernel memory
  with the attack described in Section 5, neither on ARM nor on AMD. 
  The reasons for this can be manifold.  First of all, our implementation
  might simply be too slow and a more optimized version might succeed.
  For instance, a more shallow out-of-order execution pipeline could tip
  the race condition towards against the data leakage.  Similarly, if
  the processor lacks certain features, e.g., no re-order buffer, our
  current implementation might not be able to leak data.  However, for
  both ARM and AMD, the toy example as described in Section 3 works
  reliably, indicating that out-of-order execution generally occurs and
  instructions past illegal memory accesses are also performed.

https://meltdownattack.com/meltdown.pdf
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Meltdown and linux kernel KPTI patch

2018-01-05 Thread Renaud (Ron) OLGIATI 
On Fri, 5 Jan 2018 21:52:48 +0100
viverna  wrote:

> When the KPTI patch will be in ascii and jessie?
> With AMD processor is possible to ignore patch?
> 
> According with:
> https://meltdownattack.com/
> "it is unclear whether ARM and AMD processors are
> also affected by Meltdown."
> and AMD wrote:
> https://www.amd.com/en/corporate/speculative-execution
> "Zero AMD vulnerability due to AMD architecture differences."

ISTR that AMDs are not affected by Meltdown, but affected by Spectre
 
Cheers,
 
Ron.
-- 
When we can't dream any longer we die.
   -- Emma Goldman

   -- http://www.olgiati-in-paraguay.org --
 
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

[DNG] Meltdown and linux kernel KPTI patch

2018-01-05 Thread viverna 
When the KPTI patch will be in ascii and jessie?
With AMD processor is possible to ignore patch?

According with:
https://meltdownattack.com/
"it is unclear whether ARM and AMD processors are
also affected by Meltdown."
and AMD wrote:
https://www.amd.com/en/corporate/speculative-execution
"Zero AMD vulnerability due to AMD architecture differences."

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng