From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753798AbdEIO5e (ORCPT ); Tue, 9 May 2017 10:57:34 -0400 Received: from b.ns.miles-group.at ([95.130.255.144]:44723 "EHLO radon.swed.at" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753555AbdEIO5c (ORCPT ); Tue, 9 May 2017 10:57:32 -0400 Subject: Re: [kernel-hardening] Re: [RFC, PATCH] x86_64: KAISER - do not mapkernel in user mode To: "Fogh, Anders" , Daniel Gruss References: <9df77051-ac01-bfe9-3cf7-4c2ecbcb9292@iaik.tugraz.at> <20170504154717.GA24353@infradead.org> <6013bf3f-c3bd-3836-e5e2-ea89cc2e556a@nod.at> <8aecf7d4-9767-5367-1bc0-75fbd4b17e46@iaik.tugraz.at> <07322e2c-e95f-ea35-bc1f-7b05c082e287@gdata-adan.de> Cc: Christoph Hellwig , kernel list , "kernel-hardening@lists.openwall.com" , "clementine.maurice@iaik.tugraz.at" , "moritz.lipp@iaik.tugraz.at" , Michael Schwarz , Richard Fellner , "Kirill A. Shutemov" , Ingo Molnar From: Richard Weinberger Message-ID: <22a14b06-9489-3494-bbb7-428d4e5fa186@nod.at> Date: Tue, 9 May 2017 16:57:28 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: <07322e2c-e95f-ea35-bc1f-7b05c082e287@gdata-adan.de> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Am 09.05.2017 um 16:44 schrieb Fogh, Anders: >>> i.e. how does it perform on recent AMD systems? > > Sorry for the latency. Recent AMD is reported by Enrique Nissem to not > be vulnerable to the prefetch attack. TSX attack doesn't apply to AMD. > Hund, Willems & Holz wrote in 2013 that AMD was vulnerable to that > attack. The BTB is almost surely working in a different manner of > fashion if at all. So AMD may or may not be vulnerable to the DPF > attack, but none of the modern attacks should work - at least out of the > box. But the promoted patch will also run on AMD systems, that's why I asked for the overhead. Thanks, //richard From mboxrd@z Thu Jan 1 00:00:00 1970 References: <9df77051-ac01-bfe9-3cf7-4c2ecbcb9292@iaik.tugraz.at> <20170504154717.GA24353@infradead.org> <6013bf3f-c3bd-3836-e5e2-ea89cc2e556a@nod.at> <8aecf7d4-9767-5367-1bc0-75fbd4b17e46@iaik.tugraz.at> <07322e2c-e95f-ea35-bc1f-7b05c082e287@gdata-adan.de> From: Richard Weinberger Message-ID: <22a14b06-9489-3494-bbb7-428d4e5fa186@nod.at> Date: Tue, 9 May 2017 16:57:28 +0200 MIME-Version: 1.0 In-Reply-To: <07322e2c-e95f-ea35-bc1f-7b05c082e287@gdata-adan.de> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Subject: Re: [kernel-hardening] Re: [RFC, PATCH] x86_64: KAISER - do not mapkernel in user mode To: "Fogh, Anders" , Daniel Gruss Cc: Christoph Hellwig , kernel list , "kernel-hardening@lists.openwall.com" , "clementine.maurice@iaik.tugraz.at" , "moritz.lipp@iaik.tugraz.at" , Michael Schwarz , Richard Fellner , "Kirill A. Shutemov" , Ingo Molnar List-ID: Am 09.05.2017 um 16:44 schrieb Fogh, Anders: >>> i.e. how does it perform on recent AMD systems? > > Sorry for the latency. Recent AMD is reported by Enrique Nissem to not > be vulnerable to the prefetch attack. TSX attack doesn't apply to AMD. > Hund, Willems & Holz wrote in 2013 that AMD was vulnerable to that > attack. The BTB is almost surely working in a different manner of > fashion if at all. So AMD may or may not be vulnerable to the DPF > attack, but none of the modern attacks should work - at least out of the > box. But the promoted patch will also run on AMD systems, that's why I asked for the overhead. Thanks, //richard