Subject: [MODERATED] Re: [PATCH v2 6/8] MDSv2 3
From: Andrew Cooper
To: speck@linutronix.de
Date: Tue, 11 Dec 2018 01:02:39 +0000
Message-ID: <8cc88c14-4f71-b75e-010c-9db83950a66f@citrix.com>
In-Reply-To: <20181211004622.GA24945@agluck-desk>
References: <4c82eebb25381317499b1a92b7c6d516df265536.1544464266.git.ak@linux.intel.com> <20181211004622.GA24945@agluck-desk>

On 11/12/2018 00:46, speck for Luck, Tony wrote:
> On Tue, Dec 11, 2018 at 12:37:49AM +0000, speck for Andrew Cooper wrote:
>> On 10/12/2018 17:53, speck for Andi Kleen wrote:
>>> From: Andi Kleen
>> Interrupting the middle of the software sequence is only one half of the
>> problem.
>>
>> The other half is when an NMI/#MC/etc hits on the return to guest path
>> after executing VERW, at which point you've just refilled all the
>> buffers between trying to clear them, and returning to userspace.
> NMI would seem to be the only exploitable option (since user might
> use perf to arrange an NMI in this window ... user can't force #MC
> or SMI on command).

There are plenty of indirect ways to generate an SMI, and SMI handlers
all need to rendezvous to play this state game.

Given a very quick system call that you can call very frequently, it's
feasible to create a race where it is the rendezvous SMI which hits in
the exit path.

> Would NMI fill the microarchitectural buffers with secrets?

That's a very different question, and might be ok to document our way
out of, but at the end of the day does depend on what code is hooked
off the NMI handler.

~Andrew
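A toy model of the ordering argument in this reply, added here as an example that is not part of the thread or of any kernel's entry code. The clean/tainted abstraction and the event names (`kernel`, `verw`, `nmi`, `iret`, `ret_user`) are assumptions of the model; it shows that every exit path must end with the clearing sequence and that a handler landing after it must re-clear on its own return.

```python
"""Model of the VERW-then-return race: buffers are 'tainted' whenever
kernel code runs, VERW marks them clean, and reaching the return to
user space while tainted is a mitigation failure.  Event names below
are hypothetical labels chosen for this model."""

CLEAN, TAINTED = "clean", "tainted"

# Which events run code that may leave secrets in the CPU buffers.
TAINTING = {"kernel", "nmi"}   # ordinary kernel path, or an NMI/#MC/SMI handler


def check_trace(events):
    """Walk one constructed event trace.

    Returns (violations, final_state): violations lists the indices of
    'ret_user' events reached with tainted buffers.  'iret' is the
    handler returning into the interrupted exit path; it changes nothing
    by itself, which is exactly why the race exists.
    """
    state = TAINTED          # assume nothing is clean until VERW ran
    violations = []
    for i, ev in enumerate(events):
        if ev in TAINTING:
            state = TAINTED
        elif ev == "verw":
            state = CLEAN
        elif ev == "ret_user":
            if state != CLEAN:
                violations.append(i)
        elif ev != "iret":
            raise ValueError(f"unknown event {ev!r}")
    return violations, state


def interrupt_windows(path, handler):
    """Splice `handler` in before every position of `path` and report the
    positions at which doing so breaks the return-to-user guarantee.
    With a handler that does not re-run VERW, the window is everything
    after the last VERW; a handler that clears before its own return
    closes it."""
    return [i for i in range(len(path))
            if check_trace(path[:i] + handler + path[i:])[0]]


if __name__ == "__main__":
    exit_path = ["kernel", "verw", "ret_user"]
    print("naive handler windows:", interrupt_windows(exit_path, ["nmi", "iret"]))
    print("clearing handler windows:", interrupt_windows(exit_path, ["nmi", "verw", "iret"]))
```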