From: Thomas Gleixner <tglx@linutronix.de>
To: speck@linutronix.de
Subject: Re: [patch V4 11/11] Documentation: Add MDS vulnerability documentation
Date: Tue, 26 Feb 2019 21:10:00 +0100 (CET) [thread overview]
Message-ID: <alpine.DEB.2.21.1902262104000.1638@nanos.tec.linutronix.de> (raw)
In-Reply-To: <7f274a73-1d39-2287-9027-922b1260e1d9@intel.com>
On Mon, 25 Feb 2019, speck for Dave Hansen wrote:
> On 2/22/19 2:24 PM, speck for Thomas Gleixner wrote:
> > +Contrary to other speculation based vulnerabilities the MDS vulnerability
> > +does not allow the attacker to control the memory target address. As a
> > +consequence the attacks are purely sampling based, but as demonstrated with
> > +the TLBleed attack samples can be postprocessed successfully.
>
> I saw this "sampling-based" terminology in Andi's docs too. Personally,
> I find it a bit confusing. I think it's trying to make a distinction
> between attacks that pull data out of memory and attacks that pull data
> out of CPU-internal state that came from somewhere else. Maybe
> something like:
>
> Other attacks such as Spectre and Meltdown tend to target data
> at a specific memory address. The MDS vulnerability itself can
> not be targeted at memory and can only leak memory contents that
> have been loaded into the CPU buffers by other means.
>
> Or, is it trying to make a *timing* argument?
No, the point is that the other attacks target data at a memory address so
it's more targetted in some ways, at least once the attack found something
which looks interesting it can be targetted pretty good.
The MDS attacks just collect the buffer leakage and then try to make sense
out of the leaked data they retrieved. I think sampling describes that
pretty good. Let me think about it.
Thanks,
tglx
next prev parent reply other threads:[~2019-02-26 20:10 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-22 22:24 [patch V4 00/11] MDS basics Thomas Gleixner
2019-02-22 22:24 ` [patch V4 01/11] x86/msr-index: Cleanup bit defines Thomas Gleixner
2019-02-22 22:24 ` [patch V4 02/11] x86/speculation/mds: Add basic bug infrastructure for MDS Thomas Gleixner
2019-02-23 1:28 ` [MODERATED] " Linus Torvalds
2019-02-23 7:42 ` Thomas Gleixner
2019-02-27 13:04 ` Thomas Gleixner
2019-02-22 22:24 ` [patch V4 03/11] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests Thomas Gleixner
2019-02-22 22:24 ` [patch V4 04/11] x86/speculation/mds: Add mds_clear_cpu_buffer() Thomas Gleixner
2019-02-25 16:06 ` [MODERATED] " Frederic Weisbecker
2019-02-26 14:19 ` Josh Poimboeuf
2019-03-01 20:58 ` [MODERATED] Encrypted Message Jon Masters
2019-03-01 22:14 ` Jon Masters
2019-02-26 15:00 ` [MODERATED] Re: [patch V4 04/11] x86/speculation/mds: Add mds_clear_cpu_buffer() David Woodhouse
2019-02-22 22:24 ` [patch V4 05/11] x86/speculation/mds: Clear CPU buffers on exit to user Thomas Gleixner
2019-02-25 21:04 ` [MODERATED] " Greg KH
2019-02-26 15:20 ` Josh Poimboeuf
2019-02-26 20:26 ` Thomas Gleixner
2019-02-22 22:24 ` [patch V4 06/11] x86/speculation/mds: Conditionally clear CPU buffers on idle entry Thomas Gleixner
2019-02-25 21:09 ` [MODERATED] " Greg KH
2019-02-26 15:31 ` Josh Poimboeuf
2019-02-26 20:20 ` Thomas Gleixner
2019-02-22 22:24 ` [patch V4 07/11] x86/speculation/mds: Add mitigation control for MDS Thomas Gleixner
2019-02-25 20:17 ` [MODERATED] " mark gross
2019-02-26 15:50 ` Josh Poimboeuf
2019-02-26 20:16 ` Thomas Gleixner
2019-02-22 22:24 ` [patch V4 08/11] x86/speculation/mds: Add sysfs reporting " Thomas Gleixner
2019-02-22 22:24 ` [patch V4 09/11] x86/speculation/mds: Add mitigation mode VMWERV Thomas Gleixner
2019-02-23 9:52 ` [MODERATED] " Greg KH
2019-02-25 20:31 ` mark gross
2019-02-26 0:34 ` Andrew Cooper
2019-02-26 18:51 ` mark gross
2019-02-26 19:29 ` Thomas Gleixner
2019-02-22 22:24 ` [patch V4 10/11] Documentation: Move L1TF to separate directory Thomas Gleixner
2019-02-23 8:41 ` [MODERATED] " Greg KH
2019-02-22 22:24 ` [patch V4 11/11] Documentation: Add MDS vulnerability documentation Thomas Gleixner
2019-02-23 9:58 ` [MODERATED] " Greg KH
2019-02-26 20:11 ` Thomas Gleixner
2019-02-25 18:02 ` [MODERATED] " Dave Hansen
2019-02-26 20:10 ` Thomas Gleixner [this message]
2019-02-23 0:53 ` [MODERATED] Re: [patch V4 00/11] MDS basics Andrew Cooper
2019-02-23 14:12 ` Peter Zijlstra
2019-02-25 16:38 ` mark gross
2019-02-26 19:58 ` Thomas Gleixner
2019-02-26 16:28 ` [MODERATED] " Tyler Hicks
2019-02-26 19:58 ` Thomas Gleixner
2019-02-26 18:58 ` [MODERATED] " Kanth Ghatraju
2019-02-26 19:59 ` Thomas Gleixner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.21.1902262104000.1638@nanos.tec.linutronix.de \
--to=tglx@linutronix.de \
--cc=speck@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.