Re: Kernel memory leaking on Intel CPUs?

[Theo de Raadt]

>When it comes to Meltdown:
>Does OpenBSD is going to release patches for 6.2? I don't see anything related
>to Meltdown in errata, but maybe it is too early. I understand other OSes
>received disclosed information about bug a few months earlier.

amd64 snapshots contain a fix, which is undergoing testing.  Not handing out
the diff yet, it went through almost 10 revisions in the last 48 hours and
we don't need to create confusion about which diff is which.

Re: Kernel memory leaking on Intel CPUs?

[Lampshade]

Intel provided stable microcode for Skylake mitigating Spectre variant 2.

Current status
https://newsroom.intel.com/wp-content/uploads/sites/11/2018/02/microcode-update-guidance.pdf

When it comes to Meltdown:
Does OpenBSD is going to release patches for 6.2? I don't see anything related
to Meltdown in errata, but maybe it is too early. I understand other OSes
received disclosed information about bug a few months earlier.

Re: Kernel memory leaking on Intel CPUs?

[Charlie Eddy]

Excuse me, I can support the far-seeing generalities in the message you
linked but am confused about the specifics. It looks like processor hangs,
and deadlock, and poorly documented page table handling by the MMU, are
concrete issues specified.

Respectfully: Are there any direct links to Meltdown or Spectre founded in
the bugs noted in these errata? Or, is this a straw man argument against a
chip manufacturer?

If there are not any direct links, but the argument against Intel itself
still stands, is that because there are other chip manufacturers who have
proven that it is possible to write unexploitable code?

Please let me know.

2018-01-10 3:21 GMT-08:00 Zbyszek Żółkiewski :

> 10 years passed, Theo de Raadt: https://marc.info/?l=openbsd-
> misc&m=118296441702631
>
> _
> Zbyszek Żółkiewski
>
> >
> > https://spectreattack.com/
> >
>
>

Re: Kernel memory leaking on Intel CPUs?

[Zbyszek Żółkiewski]

10 years passed, Theo de Raadt: 
https://marc.info/?l=openbsd-misc&m=118296441702631

_
Zbyszek Żółkiewski

> 
> https://spectreattack.com/
> 

Re: Kernel memory leaking on Intel CPUs?

[Lampshade]

There are some claims about Raspberry Pi:

Here you go:
We do not believe any generation of Raspberry Pi hardware
is susceptible to either the Spectre or Meltdown vulnerabilities.
https://twitter.com/EbenUpton/status/948999181309530116


Why Raspberry Pi isn’t vulnerable to Spectre or Meltdown

https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/

Re: Kernel memory leaking on Intel CPUs?

[Theo de Raadt]

> Ted Unangst wrote:
> > Otto Moerbeek wrote:
> > > Sparc64 and powerpc also have speculative execution, branch
> > > prediction and extensive caches. It is much wiser to assume they are
> > > also affected by (similar) bugs/explots or whatever you call it.
> > 
> > A lot of the commonly available sparc64 gear, T2 and USIII, are in order.
> 
> So that's not exactly right, since branch prediction and speculative exection
> are somewhat orthogonal to out of order execution. I'm assuming they are
> somewhat less affected because without all the fun out of order machinery the
> CPU won't go nearly so far down the branch.
> 
> Specifically regarding meltdown, sparc64 doesn't map the kernel in userland,
> right?

sun4u have a split U vs S I/Dtlbs.  Those TLB are software-updated.
I'm not entirely sure of the sun4v situation.

> Regarding spectre, the bounds check bypass requires executing past two
> branches. Can a sparc do that?

doubt it.  Note since the tlb are software-updated if a branch
prefetched an unmapped page and that page translation didn't exist,
we'd have seen seen spurious speculative faults in the past, because
our software-update codepath isn't a willing party to such an
emmisions scandal.

Re: Kernel memory leaking on Intel CPUs?

[Ted Unangst]

Ted Unangst wrote:
> Otto Moerbeek wrote:
> > Sparc64 and powerpc also have speculative execution, branch
> > prediction and extensive caches. It is much wiser to assume they are
> > also affected by (similar) bugs/explots or whatever you call it.
> 
> A lot of the commonly available sparc64 gear, T2 and USIII, are in order.

So that's not exactly right, since branch prediction and speculative exection
are somewhat orthogonal to out of order execution. I'm assuming they are
somewhat less affected because without all the fun out of order machinery the
CPU won't go nearly so far down the branch.

Specifically regarding meltdown, sparc64 doesn't map the kernel in userland,
right?

Regarding spectre, the bounds check bypass requires executing past two
branches. Can a sparc do that?

Re: Kernel memory leaking on Intel CPUs?

[Ted Unangst]

Otto Moerbeek wrote:
> Sparc64 and powerpc also have speculative execution, branch
> prediction and extensive caches. It is much wiser to assume they are
> also affected by (similar) bugs/explots or whatever you call it.

A lot of the commonly available sparc64 gear, T2 and USIII, are in order.

Re: Kernel memory leaking on Intel CPUs?

[Tom Smyth]

>>So I will be most interested to see the OpenBSD take on this after the
>> embargo period is over.

>How long is embargo period?

apparently Intel were aware of one of  issues as early as Late June
Last year...  and
late july for another issue ...

it will be interesting how quickly a handful of Volunteers can come up
with a software countermeasure... I wish them well in cleaning up
someone elses mess ..

 But I can bet it will be well faster than the 6 months those guys
took to notify the public / other Operating systems that run on the
x86-64 architecture

Re: Kernel memory leaking on Intel CPUs?

[Jordan Geoghegan]

Fair enough, any idea if this could effect MIPS {32 64}? That's my next 
most commonly deployed arch. I do assume that there will likely be some 
issues on other arches, but from what I see, folks are still doing 
pensive beard stroking trying to determine if AMD chips are susceptible. 
SPARC is tight like a tiger as Goldmember would say, and I would be 
wholeheartedly shocked to find it was vulnerable to the same degree as x86.



On 01/06/18 10:27, Otto Moerbeek wrote:

On Sat, Jan 06, 2018 at 10:22:25AM -0800, Jordan Geoghegan wrote:


All my web-facing servers are running SPARC and/or for a couple smaller
projects, PowerPC. People thought I was a loon when I vehemently insisted on
SPARC over the years, and called me crazy when I hosted my personal web
projects on PowerPC. x86 is a disease.

A little bit extra in electricity costs, and a whole lot extra when it comes
to peace of mind - niche architectures ftw!

Sparc64 and powerpc also have speculative execution, branch
prediction and extensive caches. It is much wiser to assume they are
also affected by (similar) bugs/explots or whatever you call it.

That said, they are indeed nicer than the Intel stuff that can hardly
be called an architecture.

-Otto

Re: Kernel memory leaking on Intel CPUs?

[Otto Moerbeek]

On Sat, Jan 06, 2018 at 10:22:25AM -0800, Jordan Geoghegan wrote:

> All my web-facing servers are running SPARC and/or for a couple smaller
> projects, PowerPC. People thought I was a loon when I vehemently insisted on
> SPARC over the years, and called me crazy when I hosted my personal web
> projects on PowerPC. x86 is a disease.
> 
> A little bit extra in electricity costs, and a whole lot extra when it comes
> to peace of mind - niche architectures ftw!

Sparc64 and powerpc also have speculative execution, branch
prediction and extensive caches. It is much wiser to assume they are
also affected by (similar) bugs/explots or whatever you call it.

That said, they are indeed nicer than the Intel stuff that can hardly
be called an architecture.

-Otto

Re: Kernel memory leaking on Intel CPUs?

[Jordan Geoghegan]

All my web-facing servers are running SPARC and/or for a couple smaller 
projects, PowerPC. People thought I was a loon when I vehemently 
insisted on SPARC over the years, and called me crazy when I hosted my 
personal web projects on PowerPC. x86 is a disease.


A little bit extra in electricity costs, and a whole lot extra when it 
comes to peace of mind - niche architectures ftw!



On 01/05/18 23:57, Rupert Gallagher wrote:

http://www.mcst.ru/


On Sat, Jan 6, 2018 at 08:05, Jordan Geoghegan > wrote:
They make their own via the /Moscow Center of SPARC Technologies./ 
Check out the Elbrus architecture, its pretty clever. It can run 
native SPARC binaries and also has a fairly efficient x86 
compatibility layer built into the hardware. The way they achieve 
bi-endian capability is pretty neat, in addition to their 
aggressively large (20+) instructions per cycle when running native 
Elbrus code compiled with their VLIW support. 

Re: Kernel memory leaking on Intel CPUs?

[Rupert Gallagher]

Yes! They are also working on risc-v.

Sent from ProtonMail Mobile

On Fri, Jan 5, 2018 at 19:50, ropers  wrote:

> On 4 January 2018 at 09:13, Rupert Gallagher  wrote:
>
>> The Chinese have an interesting project on RISC, who is taking ages to hit 
>> the market.
>
> Is that https://www.openbsd.org/loongson.html or are you referring to 
> something else?

Re: Kernel memory leaking on Intel CPUs?

[Rupert Gallagher]

http://www.mcst.ru/

On Sat, Jan 6, 2018 at 08:05, Jordan Geoghegan  wrote:

> They make their own via the /Moscow Center of SPARC Technologies./ Check out 
> the Elbrus architecture, its pretty clever. It can run native SPARC binaries 
> and also has a fairly efficient x86 compatibility layer built into the 
> hardware. The way they achieve bi-endian capability is pretty neat, in 
> addition to their aggressively large (20+) instructions per cycle when 
> running native Elbrus code compiled with their VLIW support.  @gmail.com> 
> @gmail.com>

Fwd: Re: Kernel memory leaking on Intel CPUs?

[Eric Furman]

- Original message -
On 05/01/18 08:51, Eric Furman wrote:
> I always love threads like this. :)
> Doesn't it tell anybody anything that none of the developers have commented?


My point was that this thread was just pointless speculation
by a bunch of people who have no idea of what they write.
The Devs aren't going to add to the noise until they *KNOW*
something. So everybody else should just can it.
I have confidence you guys will handle it properly.
Whether that will make all of us happy, well
I won't speculate. :)

Re: Kernel memory leaking on Intel CPUs?

[Michael Hekeler]

> So I will be most interested to see the OpenBSD take on this after the
> embargo period is over.

How long is embargo period?

Re: Kernel memory leaking on Intel CPUs?

[Maurice McCarthy]

On 05/01/18 08:51, Eric Furman wrote:
> I always love threads like this. :)
> Doesn't it tell anybody anything that none of the developers have commented?
> 

Ignorant speculation: has pledge as revealed the severity of these bugs ?

Re: Kernel memory leaking on Intel CPUs?

[Jordan Geoghegan]

They make their own via the /Moscow Center of SPARC Technologies./  
Check out the Elbrus architecture, its pretty clever. It can run native 
SPARC binaries and also has a fairly efficient x86 compatibility layer 
built into the hardware. The way they achieve bi-endian capability is 
pretty neat, in addition to their aggressively large (20+) instructions 
per cycle when running native Elbrus code compiled with their VLIW support.



On 01/04/18 14:02, Rupert Gallagher wrote:
The Intel flop hits the US .mil as well,  because 
they depend on COTS Xeons.


I pity the Russians. I wonder if they pay through the nose for 
Oracle's power hungry hardware, or make it cheaper and power efficient 
of their own.


On Thu, Jan 4, 2018 at 18:28, Jordan Geoghegan > wrote:
The Russians heavily use SPARC for aerospace/military applications as 
well as their in house domestic-use-only Elbrus machines, for what I 
imagine to be reasons precisely like this. 

Re: Kernel memory leaking on Intel CPUs?

[SJP Lists]

On Saturday, 6 January 2018, Eric Furman  wrote:

> I always love threads like this. :)
> Doesn't it tell anybody anything that none of the developers have
> commented?
>
>
Theo talked about how scary some bugs in some Intel CPU’s were, a decade
ago...

https://marc.info/?l=openbsd-misc&m=118296441702631&w=2

So I will be most interested to see the OpenBSD take on this after the
embargo period is over.

Re: Kernel memory leaking on Intel CPUs?

[Jean-Michel Pouré]

On Fri, 5 Jan 2018 00:58:33 -
"torsten"  wrote:

> What surprises me is the "panic" publication of this because of already known 
> and in *BSDs addressed concerns about hyper threatening and shared memory 
> well back since 1994

IMHO this is a "zero day panic" of massive hardware destruction.

Example: Most Intel processors include a secondary processor (ex: iPro Intel 
extensions). 
If you are able to upload micro-code to this seconday processor, you may 
destroy the CPU.

Lack of knowledge leads to panic.

The only long term solution is to release information about security devices 
included in CPUs and organize a public discussion around them.

-- 
Jean-Michel Pouré 

Re: Kernel memory leaking on Intel CPUs?

[ropers]

On 4 January 2018 at 09:13, Rupert Gallagher  wrote:

> The Chinese have an interesting project on RISC, who is taking ages to hit
> the market.
>

Is that https://www.openbsd.org/loongson.html or are you referring to
something else?

Re: Kernel memory leaking on Intel CPUs?

[flipchan]

We need risc-v openhardware !

On January 5, 2018 3:49:22 PM GMT+01:00, Graham Allan  wrote:
>Also I don't believe any of these mechanisms are able to protect
>against 
>meltdown or spectre. I think *BSD is no more immune than any other 
>system, without performing the same separation between user and kernel 
>memory.
>
>On 1/5/2018 7:27 AM, Riccardo Giuntoli wrote:
>> But this is only for FreeBSD sure?
>> 
>> On Fri, Jan 5, 2018 at 2:02 AM, torsten 
>wrote:
>> 
>>> Ps
>>> security.bsd.see_other_uids=0
>>> security.bsd.see_other_gids=0
>>> security.bsd.unprivileged_read_msgbuf=0
>>> security.bsd.unprivileged_proc_debug=0
>>> kern.randompid=$(jot -r 1 )
>>> security.bsd.stack_guard_page=1
>>>
>>>
>>>> -Original Message-
>>>> From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On
>Behalf
>>>> Of torsten
>>>> Sent: 05 January 2018 00:59
>>>> To: 'Rupert Gallagher'; 'Daniel Wilkins'; 'Allan Streib'
>>>> Cc: 'Alceu R. de Freitas Jr.'; misc@openbsd.org
>>>> Subject: Re: Kernel memory leaking on Intel CPUs?
>>>>
>>>> I wonder how it is in reality for most *BSD users due to 1. hide
>>>> processes run by other users 2. disable reading kernel messaging
>>>> buffers...
>>>> 3. disable kernel messaging debugging by unprivileged users
>>>>
>>>> And some other tweeks
>>>>
>>>> What surprises me is the "panic" publication of this because of
>already
>>>> known and in *BSDs addressed concerns about hyper threatening and
>>>> shared memory well back since 1994
>>>>
>>>>
>>>>> -Original Message-
>>>>> From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On
>>>> Behalf
>>>>> Of Rupert Gallagher
>>>>> Sent: 04 January 2018 22:22
>>>>> To: Daniel Wilkins; Allan Streib
>>>>> Cc: Alceu R. de Freitas Jr.; misc@openbsd.org
>>>>> Subject: Re: Kernel memory leaking on Intel CPUs?
>>>>>
>>>>> https://mobile.twitter.com/misc0110/status/948706387491786752
>>>>>
>>>>> On Thu, Jan 4, 2018 at 16:49, Daniel Wilkins
>
>>>>> wrote:
>>>>>
>>>>>> Intel's said that it affects every processor in the last 20+
>years
>>>>> and that it's "not a big deal for most users" because it's only a
>>>>> kernel memory *read*. @yahoo.com.br>
>>>
>>>
>>>
>> 
>> 
>
>-- 
>Graham Allan
>Minnesota Supercomputing Institute - g...@umn.edu

-- 
Take Care Sincerely flipchan layerprox dev

Re: Kernel memory leaking on Intel CPUs?

[Graham Allan]

Also I don't believe any of these mechanisms are able to protect against 
meltdown or spectre. I think *BSD is no more immune than any other 
system, without performing the same separation between user and kernel 
memory.


On 1/5/2018 7:27 AM, Riccardo Giuntoli wrote:

But this is only for FreeBSD sure?

On Fri, Jan 5, 2018 at 2:02 AM, torsten  wrote:


Ps
security.bsd.see_other_uids=0
security.bsd.see_other_gids=0
security.bsd.unprivileged_read_msgbuf=0
security.bsd.unprivileged_proc_debug=0
kern.randompid=$(jot -r 1 )
security.bsd.stack_guard_page=1



-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf
Of torsten
Sent: 05 January 2018 00:59
To: 'Rupert Gallagher'; 'Daniel Wilkins'; 'Allan Streib'
Cc: 'Alceu R. de Freitas Jr.'; misc@openbsd.org
Subject: Re: Kernel memory leaking on Intel CPUs?

I wonder how it is in reality for most *BSD users due to 1. hide
processes run by other users 2. disable reading kernel messaging
buffers...
3. disable kernel messaging debugging by unprivileged users

And some other tweeks

What surprises me is the "panic" publication of this because of already
known and in *BSDs addressed concerns about hyper threatening and
shared memory well back since 1994



-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On

Behalf

Of Rupert Gallagher
Sent: 04 January 2018 22:22
To: Daniel Wilkins; Allan Streib
Cc: Alceu R. de Freitas Jr.; misc@openbsd.org
Subject: Re: Kernel memory leaking on Intel CPUs?

https://mobile.twitter.com/misc0110/status/948706387491786752

On Thu, Jan 4, 2018 at 16:49, Daniel Wilkins 
wrote:


Intel's said that it affects every processor in the last 20+ years

and that it's "not a big deal for most users" because it's only a
kernel memory *read*. @yahoo.com.br>









--
Graham Allan
Minnesota Supercomputing Institute - g...@umn.edu

Re: Kernel memory leaking on Intel CPUs?

[Rupert Gallagher]

Yes, it is open hardware. No, it is not COTS, unfortunately. Low cost is due to 
high volume, and SPARC is hard to find.

On Fri, Jan 5, 2018 at 06:36, SJP Lists  wrote:

> SPARC architecture is open to others to develop their own CPU designs. The 
> Russians are not forced to buy SPARC from Oracle. @gmail.com> @protonmail.com>

Re: Kernel memory leaking on Intel CPUs?

[Rupert Gallagher]

The answer is: genuine FUD. The news is hitting the media with more emphasis 
than a North Corean nuclear test, the uncertainty is due to yet another 
hardware feature that was implemented by Intel to steal secrets across 
different OSs, and the doubt of whether OBSD will pass this new test.

On Fri, Jan 5, 2018 at 01:58, torsten  wrote:

> What surprises me is the "panic" publication of this because of already known 
> and in *BSDs addressed concerns about hyper threatening and shared memory 
> well back since 1994

Re: Kernel memory leaking on Intel CPUs?

[Eric Furman]

I always love threads like this. :)
Doesn't it tell anybody anything that none of the developers have commented?

Re: Kernel memory leaking on Intel CPUs?

[who one]

sorry, didn't sent my original mail in plaintext

Google came out with a more detailed explanation: 

https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html

Any hardening setting should be enabled? Or code needs to be updated? What is 
the advise for OpenBSD? 

Thanks, 

> Subject: Kernel memory leaking on Intel CPUs?

> https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
>  
> "It is understood the bug is present in modern Intel processors produced in 
> the past decade. It allows normal user programs – from database applications 
> to JavaScript in web browsers – to discern to some extent the layout or 
> contents of protected kernel memory areas."
> 
> "The fix is to separate the kernel's memory completely from user processes 
> using what's called Kernel Page Table Isolation, or KPTI. At one point, 
> Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was 
> mulled by the Linux kernel team, giving you an idea of how annoying this has 
> been for the developers."
>  
> "AMD processors are not subject"
>  
> https://www.postgresql.org/message-id/2018010354.qikjmf7dvnjgb...@alap3.anarazel.de
>  
> Did anyone hear about this?

Re: Kernel memory leaking on Intel CPUs?

[Riccardo Giuntoli]

But this is only for FreeBSD sure?

On Fri, Jan 5, 2018 at 2:02 AM, torsten  wrote:

> Ps
> security.bsd.see_other_uids=0
> security.bsd.see_other_gids=0
> security.bsd.unprivileged_read_msgbuf=0
> security.bsd.unprivileged_proc_debug=0
> kern.randompid=$(jot -r 1 )
> security.bsd.stack_guard_page=1
>
>
> > -Original Message-
> > From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf
> > Of torsten
> > Sent: 05 January 2018 00:59
> > To: 'Rupert Gallagher'; 'Daniel Wilkins'; 'Allan Streib'
> > Cc: 'Alceu R. de Freitas Jr.'; misc@openbsd.org
> > Subject: Re: Kernel memory leaking on Intel CPUs?
> >
> > I wonder how it is in reality for most *BSD users due to 1. hide
> > processes run by other users 2. disable reading kernel messaging
> > buffers...
> > 3. disable kernel messaging debugging by unprivileged users
> >
> > And some other tweeks
> >
> > What surprises me is the "panic" publication of this because of already
> > known and in *BSDs addressed concerns about hyper threatening and
> > shared memory well back since 1994
> >
> >
> > > -Original Message-
> > > From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On
> > Behalf
> > > Of Rupert Gallagher
> > > Sent: 04 January 2018 22:22
> > > To: Daniel Wilkins; Allan Streib
> > > Cc: Alceu R. de Freitas Jr.; misc@openbsd.org
> > > Subject: Re: Kernel memory leaking on Intel CPUs?
> > >
> > > https://mobile.twitter.com/misc0110/status/948706387491786752
> > >
> > > On Thu, Jan 4, 2018 at 16:49, Daniel Wilkins 
> > > wrote:
> > >
> > > > Intel's said that it affects every processor in the last 20+ years
> > > and that it's "not a big deal for most users" because it's only a
> > > kernel memory *read*. @yahoo.com.br>
>
>
>


-- 
Name: Riccardo Giuntoli
Email: tag...@gmail.com
Location: Canyelles, BCN, España
PGP Key: 0x67123739
PGP Fingerprint: CE75 16B5 D855 842FAB54 FB5C DDC6 4640 6712 3739
Key server: hkp://wwwkeys.eu.pgp.net

Re: Kernel memory leaking on Intel CPUs?

[SJP Lists]

On Friday, 5 January 2018, Rupert Gallagher  wrote:

> The Intel flop hits the US .mil as well,  because they depend on COTS
> Xeons.
>
> I pity the Russians. I wonder if they pay through the nose for Oracle's
> power hungry hardware, or make it cheaper and power efficient of their own.
>
> On Thu, Jan 4, 2018 at 18:28, Jordan Geoghegan 
> wrote:
>
> > The Russians heavily use SPARC for aerospace/military applications as
> well as their in house domestic-use-only Elbrus machines, for what I
> imagine to be reasons precisely like this.  @mail.com>


SPARC architecture is open to others to develop their own CPU designs.  The
Russians are not forced to buy SPARC from Oracle.

Re: Kernel memory leaking on Intel CPUs?

[torsten]

Ps
security.bsd.see_other_uids=0
security.bsd.see_other_gids=0
security.bsd.unprivileged_read_msgbuf=0
security.bsd.unprivileged_proc_debug=0
kern.randompid=$(jot -r 1 )
security.bsd.stack_guard_page=1


> -Original Message-
> From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf
> Of torsten
> Sent: 05 January 2018 00:59
> To: 'Rupert Gallagher'; 'Daniel Wilkins'; 'Allan Streib'
> Cc: 'Alceu R. de Freitas Jr.'; misc@openbsd.org
> Subject: Re: Kernel memory leaking on Intel CPUs?
> 
> I wonder how it is in reality for most *BSD users due to 1. hide
> processes run by other users 2. disable reading kernel messaging
> buffers...
> 3. disable kernel messaging debugging by unprivileged users
> 
> And some other tweeks
> 
> What surprises me is the "panic" publication of this because of already
> known and in *BSDs addressed concerns about hyper threatening and
> shared memory well back since 1994
> 
> 
> > -Original Message-
> > From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On
> Behalf
> > Of Rupert Gallagher
> > Sent: 04 January 2018 22:22
> > To: Daniel Wilkins; Allan Streib
> > Cc: Alceu R. de Freitas Jr.; misc@openbsd.org
> > Subject: Re: Kernel memory leaking on Intel CPUs?
> >
> > https://mobile.twitter.com/misc0110/status/948706387491786752
> >
> > On Thu, Jan 4, 2018 at 16:49, Daniel Wilkins 
> > wrote:
> >
> > > Intel's said that it affects every processor in the last 20+ years
> > and that it's "not a big deal for most users" because it's only a
> > kernel memory *read*. @yahoo.com.br>

Re: Kernel memory leaking on Intel CPUs?

[torsten]

I wonder how it is in reality for most *BSD users due to 
1. hide processes run by other users
2. disable reading kernel messaging buffers...
3. disable kernel messaging debugging by unprivileged users

And some other tweeks

What surprises me is the "panic" publication of this because of already known 
and in *BSDs addressed concerns about hyper threatening and shared memory well 
back since 1994


> -Original Message-
> From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf
> Of Rupert Gallagher
> Sent: 04 January 2018 22:22
> To: Daniel Wilkins; Allan Streib
> Cc: Alceu R. de Freitas Jr.; misc@openbsd.org
> Subject: Re: Kernel memory leaking on Intel CPUs?
> 
> https://mobile.twitter.com/misc0110/status/948706387491786752
> 
> On Thu, Jan 4, 2018 at 16:49, Daniel Wilkins 
> wrote:
> 
> > Intel's said that it affects every processor in the last 20+ years
> and that it's "not a big deal for most users" because it's only a
> kernel memory *read*. @yahoo.com.br>

Re: Kernel memory leaking on Intel CPUs?

[Rupert Gallagher]

https://mobile.twitter.com/misc0110/status/948706387491786752

On Thu, Jan 4, 2018 at 16:49, Daniel Wilkins  wrote:

> Intel's said that it affects every processor in the last 20+ years and that 
> it's "not a big deal for most users" because it's only a kernel memory 
> *read*. @yahoo.com.br>

Re: Kernel memory leaking on Intel CPUs?

[Rupert Gallagher]

The Intel flop hits the US .mil as well,  because they depend on COTS Xeons.

I pity the Russians. I wonder if they pay through the nose for Oracle's power 
hungry hardware, or make it cheaper and power efficient of their own.

On Thu, Jan 4, 2018 at 18:28, Jordan Geoghegan  wrote:

> The Russians heavily use SPARC for aerospace/military applications as well as 
> their in house domestic-use-only Elbrus machines, for what I imagine to be 
> reasons precisely like this.  @mail.com>

Re: Kernel memory leaking on Intel CPUs?

[Mike Tancsa]

On 1/4/2018 10:51 AM, Daniel Boyd wrote:
> 
> AMD has said that it doesn't affect their processors. Whether or not
> that's true, I'm not sure.
> 
> One curiosity I had was whether the KARL mitigation in 6.2 would help
> with this. I suppose it depends on the nature of the flaw (which is
> still embargoed I assume).

Seems a lot of the details are out

https://meltdownattack.com/

---Mike


-- 
---
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, m...@sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada   http://www.tancsa.com/

Re: Kernel memory leaking on Intel CPUs?

[Daniel Boyd]

On Thu, 2018-01-04 at 10:21 -0500, Allan Streib wrote:
> "Alceu R. de Freitas Jr."  writes:
> 
> > I guess Intel does not give a shit about non-profit groups. Linux
> > got
> > this attention because there are a lot of players making money from
> > it, players that surely have some sort of partnership with Intel.
> 
> From what I have read in the past 24 hours, the spectre attacks are
> not
> limited to Intel CPUs, but in theory could affect any that use
> speculative execution (including, at least, modern ARM designs and
> AMD
> processors).
> 
> My uninformed take on this is that when you allow anyone in the world
> to
> run programs on your systems (i.e. JavaScript in browsers, "cloud"
> hosted virtual machines running on shared hardware, etc.) these sorts
> of
> things occasionally happen. No CPUs or software are perfectly secure.
> 
> Allan
> 
> 

AMD has said that it doesn't affect their processors. Whether or not
that's true, I'm not sure.

One curiosity I had was whether the KARL mitigation in 6.2 would help
with this. I suppose it depends on the nature of the flaw (which is
still embargoed I assume).

Re: Kernel memory leaking on Intel CPUs?

[Jordan Geoghegan]

The Russians heavily use SPARC for aerospace/military applications as 
well as their in house domestic-use-only Elbrus machines, for what I 
imagine to be reasons precisely like this.



On 01/04/18 00:13, Rupert Gallagher wrote:

Everybody is reading about it, including people like me that have formerly 
underestimated the problem... mea culpa

The question is, can we have a kernel free of patches for spynet cpus? The 
Russians are moving to ARM-based cpus, anthough ARM is subject to UK-style 
Orwellian spynet law. The Chinese have an interesting project on RISC, who is 
taking ages to hit the market.

Sent from ProtonMail Mobile

On Wed, Jan 3, 2018 at 13:19, who one  wrote:


Did anyone hear about this?

Re: Kernel memory leaking on Intel CPUs?

[Daniel Boyd]

On Thu, 2018-01-04 at 10:49 -0500, Daniel Wilkins wrote:
> On Thu, Jan 04, 2018 at 10:21:12AM -0500, Allan Streib wrote:
> > "Alceu R. de Freitas Jr."  writes:
> > 
> > > I guess Intel does not give a shit about non-profit groups. Linux
> > > got
> > > this attention because there are a lot of players making money
> > > from
> > > it, players that surely have some sort of partnership with Intel.
> > 
> > From what I have read in the past 24 hours, the spectre attacks are
> > not
> > limited to Intel CPUs, but in theory could affect any that use
> > speculative execution (including, at least, modern ARM designs and
> > AMD
> > processors).
> > 
> > My uninformed take on this is that when you allow anyone in the
> > world to
> > run programs on your systems (i.e. JavaScript in browsers, "cloud"
> > hosted virtual machines running on shared hardware, etc.) these
> > sorts of
> > things occasionally happen. No CPUs or software are perfectly
> > secure.
> > 
> > Allan
> > 
> 
> From what I understand, AMD has come out and explicitly said that
> their
> architecture isn't and has never been vulnerable, while Intel's said
> that
> it affects every processor in the last 20+ years and that it's "not a
> big
> deal for most users" because it's only a kernel memory *read*.
> 
> 

I'm admittedly not an expert on all things kernel, but allowing user
space programs to read kernel space memory seems ... bad.  Read/write
would be worse, granted

Re: Kernel memory leaking on Intel CPUs?

[Raul Miller]

On Thu, Jan 4, 2018 at 10:49 AM, Daniel Wilkins  wrote:
> From what I understand, AMD has come out and explicitly said that their
> architecture isn't and has never been vulnerable, while Intel's said that
> it affects every processor in the last 20+ years and that it's "not a big
> deal for most users" because it's only a kernel memory *read*.

I think you should interpret this as saying that there is a part of
that specific exploit implementation which AMD cpus have not
implemented.

But keep in mind, also, that the exploit involves multiple hardware
components (not only sloppy cpu instruction scheduling but shoddy
power management interacting with cheap dynamic ram refresh).

Of course, I have also misused my adjectives here. The cpu scheduling
is just wonderful, the power management is professional and the memory
implementation is beyond high tech. Sales people are omniscient and
thus have good reason for ... ah, ... never mind. I'm going to go
crawl back under my rock.

Good luck,

-- 
Raul

Re: Kernel memory leaking on Intel CPUs?

[Daniel Wilkins]

On Thu, Jan 04, 2018 at 10:21:12AM -0500, Allan Streib wrote:
> "Alceu R. de Freitas Jr."  writes:
> 
> > I guess Intel does not give a shit about non-profit groups. Linux got
> > this attention because there are a lot of players making money from
> > it, players that surely have some sort of partnership with Intel.
> 
> From what I have read in the past 24 hours, the spectre attacks are not
> limited to Intel CPUs, but in theory could affect any that use
> speculative execution (including, at least, modern ARM designs and AMD
> processors).
> 
> My uninformed take on this is that when you allow anyone in the world to
> run programs on your systems (i.e. JavaScript in browsers, "cloud"
> hosted virtual machines running on shared hardware, etc.) these sorts of
> things occasionally happen. No CPUs or software are perfectly secure.
> 
> Allan
> 

>From what I understand, AMD has come out and explicitly said that their
architecture isn't and has never been vulnerable, while Intel's said that
it affects every processor in the last 20+ years and that it's "not a big
deal for most users" because it's only a kernel memory *read*.

Re: Kernel memory leaking on Intel CPUs?

[Tom Smyth]

Hello Daniel,

I don't know as Im not a core developer... the Vuln was embargoed  so my guess
is a lot of people were in the dark.

Thanks
Tom Smyth

On 4 January 2018 at 13:31, Daniel Boyd  wrote:
> On Jan 4, 2018, at 5:43 AM, Tom Smyth  wrote:
>>
>> sorry all,
>>
>> I had posted to the tech mailing list about this .. I came across these 2
>> papers and they may be of interest about the CPU Security flaws
>>
>> https://spectreattack.com/
>>
>> I hope this helps
>> Tom Smyth
>>
>
> Were the BSDs given advanced notice of this like MS, Apple, and Linux...?

Re: Kernel memory leaking on Intel CPUs?

[Allan Streib]

"Alceu R. de Freitas Jr."  writes:

> I guess Intel does not give a shit about non-profit groups. Linux got
> this attention because there are a lot of players making money from
> it, players that surely have some sort of partnership with Intel.

>From what I have read in the past 24 hours, the spectre attacks are not
limited to Intel CPUs, but in theory could affect any that use
speculative execution (including, at least, modern ARM designs and AMD
processors).

My uninformed take on this is that when you allow anyone in the world to
run programs on your systems (i.e. JavaScript in browsers, "cloud"
hosted virtual machines running on shared hardware, etc.) these sorts of
things occasionally happen. No CPUs or software are perfectly secure.

Allan

Re: Kernel memory leaking on Intel CPUs?

[Alceu R. de Freitas Jr.]

 Not that I was able to see.
I guess Intel does not give a shit about non-profit groups. Linux got this 
attention because there are a lot of players making money from it, players that 
surely have some sort of partnership with Intel.

Around 2003, when I was still in college, I went to a IBM talk about Linux and 
asked the speaker why IBM chose Linux for their products instead of any of the 
*BSD available. The answer was "our customers are not asking for our 
applications on *BSD, but on Linux".
The irony is that *BSD has a lot of importance on the ecosystem, heck, even 
some products (MS Windows, MacOSX) borrowed code from *BSD projects.

Em quinta-feira, 4 de janeiro de 2018 11:32:45 BRST, Daniel Boyd 
 escreveu:  
 
 On Jan 4, 2018, at 5:43 AM, Tom Smyth  wrote:
> 
> sorry all,
> 
> I had posted to the tech mailing list about this .. I came across these 2
> papers and they may be of interest about the CPU Security flaws
> 
> https://spectreattack.com/
> 
> I hope this helps
> Tom Smyth
> 

Were the BSDs given advanced notice of this like MS, Apple, and Linux...?

  

Re: Kernel memory leaking on Intel CPUs?

[Rupert Gallagher]

Everybody is reading about it, including people like me that have formerly 
underestimated the problem... mea culpa

The question is, can we have a kernel free of patches for spynet cpus? The 
Russians are moving to ARM-based cpus, anthough ARM is subject to UK-style 
Orwellian spynet law. The Chinese have an interesting project on RISC, who is 
taking ages to hit the market.

Sent from ProtonMail Mobile

On Wed, Jan 3, 2018 at 13:19, who one  wrote:

>Did anyone hear about this?

Re: Kernel memory leaking on Intel CPUs?

[Daniel Boyd]

On Jan 4, 2018, at 5:43 AM, Tom Smyth  wrote:
> 
> sorry all,
> 
> I had posted to the tech mailing list about this .. I came across these 2
> papers and they may be of interest about the CPU Security flaws
> 
> https://spectreattack.com/
> 
> I hope this helps
> Tom Smyth
> 

Were the BSDs given advanced notice of this like MS, Apple, and Linux...?

Re: Kernel memory leaking on Intel CPUs?

[Tom Smyth]

sorry all,

I had posted to the tech mailing list about this .. I came across these 2
papers and they may be of interest about the CPU Security flaws

https://spectreattack.com/

I hope this helps
Tom Smyth

Re: Kernel memory leaking on Intel CPUs?

[Lampshade]

Intel is probably waiting for Microsoft, Red Hat,
Apple and major cloud companies to update 
OSes until release of Intel Security Advisory.

I am also curious does OpenBSD also maps
kernel to userspace memory of processes?
Could pledge protect against some scenarios
exploiting these kinds of bugs?

Re: Kernel memory leaking on Intel CPUs?

[Alceu R. de Freitas Jr.]

 I was just about to ask about the same thing... will OpenBSD lose performance 
as well, given the security flaw conditions?Looks like an issue already for 
Linux, MS Windows and MacOSX.Didn't see any mention about *BSD on the article 
too... 

Em quarta-feira, 3 de janeiro de 2018 11:03:00 BRST, who one 
 escreveu:  
 
 https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ "It is
understood the bug is present in modern Intel processors produced in the
past decade. It allows normal user programs – from database applications
to JavaScript in web browsers – to discern to some extent the layout or
contents of protected kernel memory areas." "The fix is to separate the
kernel's memory completely from user processes using what's called Kernel
Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete
Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux
kernel team, giving you an idea of how annoying this has been for the
developers." "AMD processors are not subject"
https://www.postgresql.org/message-id/2018010354.qikjmf7dvnjgb...@alap3.anarazel.de
Did anyone hear about this?
  

Kernel memory leaking on Intel CPUs?

[who one]

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ "It is
understood the bug is present in modern Intel processors produced in the
past decade. It allows normal user programs – from database applications
to JavaScript in web browsers – to discern to some extent the layout or
contents of protected kernel memory areas." "The fix is to separate the
kernel's memory completely from user processes using what's called Kernel
Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete
Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux
kernel team, giving you an idea of how annoying this has been for the
developers." "AMD processors are not subject"
https://www.postgresql.org/message-id/2018010354.qikjmf7dvnjgb...@alap3.anarazel.de
Did anyone hear about this?