From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (146.0.238.70:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 22 Feb 2019 06:58:54 -0000 Received: from mail.kernel.org ([198.145.29.99]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1gx4nM-0006Um-Qb for speck@linutronix.de; Fri, 22 Feb 2019 07:58:53 +0100 Date: Fri, 22 Feb 2019 07:58:43 +0100 From: Greg KH Subject: [MODERATED] Re: [patch V3 4/9] MDS basics 4 Message-ID: <20190222065843.GB21639@kroah.com> References: <20190221234431.922117624@linutronix.de> <20190221235534.731858403@linutronix.de> MIME-Version: 1.0 In-Reply-To: <20190221235534.731858403@linutronix.de> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Fri, Feb 22, 2019 at 12:44:35AM +0100, speck for Thomas Gleixner wrote: > +Exposure assumptions > +-------------------- > + > +It is assumed that attack code resides in user space or in a guest with one > +exception. The rationale behind this assumption is that the code construct > +needed for exploiting MDS requires: > + > + - to control the load to trigger a fault or assist > + > + - to have a disclosure gadget which exposes the speculatively accessed > + data for consumption through a side channel. > + > + - to control the pointer through which the disclosure gadget exposes the > + data > + > +The existance of such a construct cannot be excluded with 100% certainty, > +but the complexity involved makes it extremly unlikely. > + > +There is one exception, which is untrusted BPF. The functionality of > +untrusted BPF is limited, but it needs to be thoroughly investigated > +whether it can be used to create such a construct. A meta-comment, is anyone looking at the untrusted BPF issue? Do we have the BPF developers on this list so that they have the chance to figure this out? Anyway, this looks great, thanks for summarizing all of this in a readable way, I now know more about the insides of Intel cpus than I ever wanted to: Reviewed-by: Greg Kroah-Hartman