Re: Intel CPU design flaw - FreeBSD affected? [AMD family Zen/17h status]

On 2018-Jan-6, at 2:02 PM, Mark Millard wrote: > On 2018-Jan-4, at 7:32 PM, Mark Millard wrote: > >> Darren Reed darrenr at freebsd.org wrote on >> Thu Jan 4 11:56:29 UTC 2018 : >> >>> Most people are only talking about meltdown which doesn't hit AMD. >>> spectre impacts *both* Intel and AMD.

Re: Intel CPU design flaw - FreeBSD affected? [AMD family Zen/17h status]

On 2018-Jan-4, at 7:32 PM, Mark Millard wrote: > Darren Reed darrenr at freebsd.org wrote on > Thu Jan 4 11:56:29 UTC 2018 : > >> Most people are only talking about meltdown which doesn't hit AMD. >> spectre impacts *both* Intel and AMD. >> >> SuSE are making available a microcode patch for

Re: Intel CPU design flaw - FreeBSD affected? // disabling LDTSC

On 04.01.2018 22:07, Michael Butler wrote: > > Interestingly, the Xeon 5400 series is not listed as vulnerable in the > Intel documentation where the 5500 and 5600s are; I checked as I have a > bunch of E5440s in service. > >

Re: Intel CPU design flaw - FreeBSD affected? // disabling _R_DTSC

On Fri, Jan 05, 2018 at 02:27:40AM +0800, blubee blubeeme wrote: > I'd love to see if RISC-V is vulnerable to this? > > I think they are in the best position to capitalize on this clusterfk... It's a micro-architecture flaw, not an instruction set flaw, so just as for ARM and amd64, it will

Re: Intel CPU design flaw - FreeBSD affected?

Hi, On Thu, 4 Jan 2018 15:33:46 +0100 Stefan Esser wrote: > Am 04.01.18 um 12:56 schrieb Darren Reed: > > On 4/01/2018 11:51 AM, Mark Heily wrote: > >> On Jan 2, 2018 19:05, "Warner Losh" wrote: > >> > >> The register article says the specifics are under

Re: Intel CPU design flaw - FreeBSD affected?

Darren Reed darrenr at freebsd.org wrote on Thu Jan 4 11:56:29 UTC 2018 : > Most people are only talking about meltdown which doesn't hit AMD. > spectre impacts *both* Intel and AMD. > > SuSE are making available a microcode patch for AMD 17h processors that > disables branch prediction: > > >

Re: Intel CPU design flaw - FreeBSD affected? Information from Arm

Wotcha! My employer, Arm, have made the following website available to help with deciding what to do about this security issue. http://www.arm.com/security-update Note: I am not writing here as a representative of Arm, and cannot provide further

Re: Intel CPU design flaw - FreeBSD affected? // disabling LDTSC

Possibly because Xeon 5400 dates to 2007 — it may have less advanced speculative / out-of-order execution and may not have the same branch prediction algorithm as Haswell. On Thu, Jan 4, 2018 at 1:07 PM, Michael Butler wrote: > On 01/04/18 14:59, Klaus P.

Re: Intel CPU design flaw - FreeBSD affected? // disabling LDTSC

On 01/04/18 14:59, Klaus P. Ohrhallinger wrote: > On 04.01.2018 19:51, Jan Kokemüller wrote: > >> It is possible to emulate a high resolution counter with a thread that >> continuously increments a variable [1]. This is the reason why browser >> vendors are currently disabling the

Re: Intel CPU design flaw - FreeBSD affected? // disabling LDTSC

On 04.01.2018 19:51, Jan Kokemüller wrote: > It is possible to emulate a high resolution counter with a thread that > continuously increments a variable [1]. This is the reason why browser > vendors are currently disabling the SharedArrayBuffer feature [2]. > > [1]: >

Re: Intel CPU design flaw - FreeBSD affected? // disabling LDTSC

On 04.01.2018 19:23, Klaus P. Ohrhallinger wrote: > All PoC code I have seen today relies on those instructions. > Is there any other way to measure the memory/cache access times ? It is possible to emulate a high resolution counter with a thread that continuously increments a variable [1]. This

Re: Intel CPU design flaw - FreeBSD affected? // disabling _R_DTSC

On Fri, Jan 5, 2018 at 2:25 AM, Klaus P. Ohrhallinger wrote: > On 04.01.2018 19:23, Klaus P. Ohrhallinger wrote: > > Hello, > > > > I disabled the ldtsc and ldtscp instructions for usermode on one of my > > production servers: > > > > Oops, RDTSC of course. > >

Re: Intel CPU design flaw - FreeBSD affected? // disabling LDTSC

Hello, I disabled the ldtsc and ldtscp instructions for usermode on one of my production servers: % ./spectre Reading 40 bytes: Bus error (core dumped) All PoC code I have seen today relies on those instructions. Is there any other way to measure the memory/cache access times ? On 10.4-RELEASE

Re: Intel CPU design flaw - FreeBSD affected? // disabling _R_DTSC

On 04.01.2018 19:23, Klaus P. Ohrhallinger wrote: > Hello, > > I disabled the ldtsc and ldtscp instructions for usermode on one of my > production servers: > Oops, RDTSC of course. ___ freebsd-current@freebsd.org mailing list

Re: Intel CPU design flaw - FreeBSD affected?

On Thu, Jan 4, 2018 at 7:33 AM, Stefan Esser wrote: > Am 04.01.18 um 12:56 schrieb Darren Reed: > > On 4/01/2018 11:51 AM, Mark Heily wrote: > >> On Jan 2, 2018 19:05, "Warner Losh" wrote: > >> > >> The register article says the specifics are under embargo

Re: Intel CPU design flaw - FreeBSD affected?

On Thu, 4 Jan 2018 15:33:46 +0100 "Stefan Esser" said Am 04.01.18 um 12:56 schrieb Darren Reed: > On 4/01/2018 11:51 AM, Mark Heily wrote: >> On Jan 2, 2018 19:05, "Warner Losh" wrote: >> >> The register article says the specifics are under embargo still.

Re: Intel CPU design flaw - FreeBSD affected?

Am 04.01.18 um 12:56 schrieb Darren Reed: > On 4/01/2018 11:51 AM, Mark Heily wrote: >> On Jan 2, 2018 19:05, "Warner Losh" wrote: >> >> The register article says the specifics are under embargo still. That would >> make it hard for anybody working with Intel to comment publicly

Re: Intel CPU design flaw - FreeBSD affected?

And now official announcement from Intel... https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088=en-fr On Wed, 3 Jan 2018 19:51:40 -0500 Mark Heily wrote: > On Jan 2, 2018 19:05, "Warner Losh" wrote: > > The register article says the

Re: Intel CPU design flaw - FreeBSD affected?

On 4/01/2018 11:51 AM, Mark Heily wrote: > On Jan 2, 2018 19:05, "Warner Losh" wrote: > > The register article says the specifics are under embargo still. That would > make it hard for anybody working with Intel to comment publicly on the flaw > and any mitigations that may be

Re: Intel CPU design flaw - FreeBSD affected?

On Thu, Jan 4, 2018 at 8:51 AM, Mark Heily wrote: > On Jan 2, 2018 19:05, "Warner Losh" wrote: > > The register article says the specifics are under embargo still. That would > make it hard for anybody working with Intel to comment publicly on the flaw > and any

Re: Intel CPU design flaw - FreeBSD affected?

On Jan 2, 2018 19:05, "Warner Losh" wrote: The register article says the specifics are under embargo still. That would make it hard for anybody working with Intel to comment publicly on the flaw and any mitigations that may be underway. It would be unwise to assume that all the

RE: Intel CPU design flaw - FreeBSD affected?

eebsd.org> The need of the many outweighs the greed of the few. --- -Original Message- From: Kurt Jaeger Sent: 02/01/2018 21:41 To: Cy Schubert Cc: FreeBSD Current Subject: Re: Intel CPU design flaw - FreeBSD affected? Hi! > You can see if your cpu supports pcid using cpuinfo from ports. p

RE: Intel CPU design flaw - FreeBSD affected?

inal Message- From: Kurt Jaeger Sent: 02/01/2018 21:41 To: Cy Schubert Cc: FreeBSD Current Subject: Re: Intel CPU design flaw - FreeBSD affected? Hi! > You can see if your cpu supports pcid using cpuinfo from ports. portfind cpuinfo finds sysutils/p5-Linux-Cpuinfo, but this does not provide a

Re: Intel CPU design flaw - FreeBSD affected?

Hi! > You can see if your cpu supports pcid using cpuinfo from ports. portfind cpuinfo finds sysutils/p5-Linux-Cpuinfo, but this does not provide a cpuinfo command ? -- p...@opsec.eu+49 171 3101372 2 years to go !

Re: Intel CPU design flaw - FreeBSD affected?

On January 2, 2018 4:56:48 PM PST, Michael Butler wrote: >On 01/02/18 19:20, Cy Schubert wrote: >> This Linux commit gives us a hint. >> >> https://lkml.org/lkml/2017/12//27/2 > >Sadly, the articles I've read to date make no mention of which Intel >silicon revs are

Re: Intel CPU design flaw - FreeBSD affected?

On 01/02/18 19:20, Cy Schubert wrote: > This Linux commit gives us a hint. > > https://lkml.org/lkml/2017/12//27/2 Sadly, the articles I've read to date make no mention of which Intel silicon revs are vulnerable. However, the use of the PCID feature, which is only available on more recent CPUs,

RE: Intel CPU design flaw - FreeBSD affected?

p post. Apologies. > >Cy Schubert ><cy.schub...@cschubert.com> or <c...@freebsd.org> >The need of the many outweighs the greed of the few. >--- > >-Original Message- >From: Zaphod Beeblebrox >Sent: 02/01/2018 15:50 >To: Michael Butler >Cc: F

RE: Intel CPU design flaw - FreeBSD affected?

From: Zaphod Beeblebrox Sent: 02/01/2018 15:50 To: Michael Butler Cc: FreeBSD Current Subject: Re: Intel CPU design flaw - FreeBSD affected? >From the information that was leaked by AMD claiming that their processors didn't have the flaws, it would seem any OS in which the kernel occupies the sam

RE: Intel CPU design flaw - FreeBSD affected?

ny outweighs the greed of the few. --- -Original Message- From: Zaphod Beeblebrox Sent: 02/01/2018 15:50 To: Michael Butler Cc: FreeBSD Current Subject: Re: Intel CPU design flaw - FreeBSD affected? >From the information that was leaked by AMD claiming that their processors didn't

RE: Intel CPU design flaw - FreeBSD affected?

of the many outweighs the greed of the few. --- -Original Message- From: Warner Losh Sent: 02/01/2018 16:05 To: Michael Butler Cc: FreeBSD Current Subject: Re: Intel CPU design flaw - FreeBSD affected? The register article says the specifics are under embargo still. That would make it hard

Re: Intel CPU design flaw - FreeBSD affected?

The register article says the specifics are under embargo still. That would make it hard for anybody working with Intel to comment publicly on the flaw and any mitigations that may be underway. It would be unwise to assume that all the details are out until the embargo lifts. Warner On Jan 2,

Re: Intel CPU design flaw - FreeBSD affected?

>From the information that was leaked by AMD claiming that their processors didn't have the flaws, it would seem any OS in which the kernel occupies the same address space as the userland would be vulnerable. The AMD post implied that Intel's speculative execution of code did not check the

Intel CPU design flaw - FreeBSD affected?

Has any impact assessment been made as to FreeBSD's exposure or mitigation strategies? 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign - The Register Other OSes will need an update, performance hits loom A fundamental design flaw in Intel's processor chips has