From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (193.142.43.55:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 20 Feb 2020 08:14:32 -0000 Received: from mail.kernel.org ([198.145.29.99]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1j4gyc-0003lT-Qg for speck@linutronix.de; Thu, 20 Feb 2020 09:14:32 +0100 Date: Thu, 20 Feb 2020 09:14:20 +0100 From: Greg KH Subject: [MODERATED] Re: [PATCH 0/2] more sampling fun 0 Message-ID: <20200220081420.GA3328448@kroah.com> References: MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Wed, Feb 19, 2020 at 02:45:22PM -0800, speck for mark gross wrote: > From: mark gross > Subject: [PATCH 0/2] Special Register Buffer Data Sampling patch set > > Special Register Buffer Data Sampling is a sampling type of vulnerability that > leaks data across cores sharing the HW-RNG for vulnerable processors. > > This leak is fixed by a microcode update and is enabled by default. > > This new microcode serializes processor access during execution of RDRAND > or RDSEED. It ensures that the shared buffer is overwritten before it > is released for reuse. > > The mitigation impacts the throughput of the RDRAND and RDSEED instructions > and latency of RT processing running on the socket while executing RDRAND or > RDSEED. The micro bechmark of calling RDRAND many times shows a 10x slowdown. Then we need to stop using RDRAND internally for our "give me a random number api" which has spread to more and more parts of the kernel. Here's a patch that does so: https://lore.kernel.org/lkml/20200216161836.1976-1-Jason@zx2c4.com/ which I'm going to advise get merged now and backported to the stable branches. thanks, greg k-h