From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753664AbdEIOxx convert rfc822-to-8bit (ORCPT <rfc822;w@1wt.eu>);
        Tue, 9 May 2017 10:53:53 -0400
Received: from domain.gdata.de ([212.23.140.98]:35571 "EHLO domain.gdata.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751304AbdEIOxw (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 9 May 2017 10:53:52 -0400
X-Greylist: delayed 557 seconds by postgrey-1.27 at vger.kernel.org; Tue, 09 May 2017 10:53:52 EDT
Date: Tue, 9 May 2017 16:44:26 +0200
From: "Fogh, Anders" <anders.fogh@gdata-adan.de>
To: Daniel Gruss <daniel.gruss@iaik.tugraz.at>,
        Richard Weinberger <richard@nod.at>
cc: Christoph Hellwig <hch@infradead.org>,
        kernel list <linux-kernel@vger.kernel.org>,
        "kernel-hardening@lists.openwall.com" 
        <kernel-hardening@lists.openwall.com>,
        "clementine.maurice@iaik.tugraz.at" 
        <clementine.maurice@iaik.tugraz.at>,
        "moritz.lipp@iaik.tugraz.at" <moritz.lipp@iaik.tugraz.at>,
        Michael Schwarz <michael.schwarz@iaik.tugraz.at>,
        Richard Fellner <richard.fellner@student.tugraz.at>,
        "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
        Ingo Molnar <mingo@kernel.org>
MIME-Version: 1.0
Message-ID: <07322e2c-e95f-ea35-bc1f-7b05c082e287@gdata-adan.de>
Subject: Re: [kernel-hardening] Re: [RFC, PATCH] x86_64: KAISER - do not mapkernel in user mode
References: <9df77051-ac01-bfe9-3cf7-4c2ecbcb9292@iaik.tugraz.at>
 <20170504154717.GA24353@infradead.org>
 <f9a4e8ed-1b22-0d73-924c-f5bb1e18ba93@iaik.tugraz.at>
 <CAFLxGvwuMN52-Xf46j7XuG+cnJ9xnZjXWhihpgxr9_EUX0Z+Bg@mail.gmail.com>
 <cc75a38a-4ea6-e300-0370-882dfbfd7a23@iaik.tugraz.at>
 <6013bf3f-c3bd-3836-e5e2-ea89cc2e556a@nod.at>
 <8aecf7d4-9767-5367-1bc0-75fbd4b17e46@iaik.tugraz.at>
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101
 Thunderbird/45.8.0
In-Reply-To: <8aecf7d4-9767-5367-1bc0-75fbd4b17e46@iaik.tugraz.at>
Content-Type: text/plain;
        charset="utf-8"
Content-Transfer-Encoding: 8BIT
X-Originating-IP: [10.111.61.7]
X-G-Data-MailSecurity-for-Exchange-SpamLevel: 0
X-G-Data-MailSecurity-for-Exchange-SpamFilter: 0;1;str=0001.0A0B0205.5911D5CB.0038,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0
X-G-Data-MailSecurity-for-Exchange-State: 0
X-G-Data-MailSecurity-for-Exchange-Error: 0
X-G-Data-MailSecurity-for-Exchange-Sender: 32
X-G-Data-MailSecurity-for-Exchange-Server: 6506638c-400b-4ded-b214-d9761b4b66ee
X-G-Data-MailSecurity-for-Exchange-Guid: 28950B6F-87CA-45C9-9AC1-CFE759C5229C
X-AVK-Virus-Check: AVA 25.12310;09.05.2017
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

>> i.e. how does it perform on recent AMD systems?

Sorry for the latency. Recent AMD is reported by Enrique Nissem to not
be vulnerable to the prefetch attack. TSX attack doesn't apply to AMD.
Hund, Willems & Holz wrote in 2013 that AMD was vulnerable to that
attack. The BTB is almost surely working in a different manner of
fashion if at all. So AMD may or may not be vulnerable to the DPF
attack, but none of the modern attacks should work - at least out of the
box.

Best regards,

Anders



____________
Virus checked by G Data MailSecurity
Version: AVA 25.12310 dated 09.05.2017
Virus news: www.antiviruslab.com

From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Tue, 9 May 2017 16:44:26 +0200
From: "Fogh, Anders" <anders.fogh@gdata-adan.de>
MIME-Version: 1.0
Message-ID: <07322e2c-e95f-ea35-bc1f-7b05c082e287@gdata-adan.de>
References: <9df77051-ac01-bfe9-3cf7-4c2ecbcb9292@iaik.tugraz.at>
 <20170504154717.GA24353@infradead.org>
 <f9a4e8ed-1b22-0d73-924c-f5bb1e18ba93@iaik.tugraz.at>
 <CAFLxGvwuMN52-Xf46j7XuG+cnJ9xnZjXWhihpgxr9_EUX0Z+Bg@mail.gmail.com>
 <cc75a38a-4ea6-e300-0370-882dfbfd7a23@iaik.tugraz.at>
 <6013bf3f-c3bd-3836-e5e2-ea89cc2e556a@nod.at>
 <8aecf7d4-9767-5367-1bc0-75fbd4b17e46@iaik.tugraz.at>
In-Reply-To: <8aecf7d4-9767-5367-1bc0-75fbd4b17e46@iaik.tugraz.at>
Content-Type: text/plain;
	charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Subject: Re: [kernel-hardening] Re: [RFC, PATCH] x86_64: KAISER - do not mapkernel in user mode
To: Daniel Gruss <daniel.gruss@iaik.tugraz.at>, Richard Weinberger <richard@nod.at>
Cc: Christoph Hellwig <hch@infradead.org>, kernel list <linux-kernel@vger.kernel.org>, "kernel-hardening@lists.openwall.com" <kernel-hardening@lists.openwall.com>, "clementine.maurice@iaik.tugraz.at" <clementine.maurice@iaik.tugraz.at>, "moritz.lipp@iaik.tugraz.at" <moritz.lipp@iaik.tugraz.at>, Michael Schwarz <michael.schwarz@iaik.tugraz.at>, Richard Fellner <richard.fellner@student.tugraz.at>, "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>, Ingo Molnar <mingo@kernel.org>
List-ID: <kernel-hardening.lists.openwall.com>

>> i.e. how does it perform on recent AMD systems?

Sorry for the latency. Recent AMD is reported by Enrique Nissem to not
be vulnerable to the prefetch attack. TSX attack doesn't apply to AMD.
Hund, Willems & Holz wrote in 2013 that AMD was vulnerable to that
attack. The BTB is almost surely working in a different manner of
fashion if at all. So AMD may or may not be vulnerable to the DPF
attack, but none of the modern attacks should work - at least out of the
box.

Best regards,

Anders



____________
Virus checked by G Data MailSecurity
Version: AVA 25.12310 dated 09.05.2017
Virus news: www.antiviruslab.com