From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (146.0.238.70:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 22 Feb 2019 07:50:59 -0000 Received: from mx2.suse.de ([195.135.220.15] helo=mx1.suse.de) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1gx5bl-00082p-JK for speck@linutronix.de; Fri, 22 Feb 2019 08:50:58 +0100 Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id 0F813AEDF for ; Fri, 22 Feb 2019 07:50:52 +0000 (UTC) Date: Fri, 22 Feb 2019 08:50:43 +0100 From: Borislav Petkov Subject: [MODERATED] Re: [patch V3 4/9] MDS basics 4 Message-ID: <20190222075043.GB30865@zn.tnic> References: <20190221234431.922117624@linutronix.de> <20190221235534.731858403@linutronix.de> MIME-Version: 1.0 In-Reply-To: <20190221235534.731858403@linutronix.de> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable To: speck@linutronix.de List-ID: On Fri, Feb 22, 2019 at 12:44:35AM +0100, speck for Thomas Gleixner wrote: > +Exposure assumptions > +-------------------- > + > +It is assumed that attack code resides in user space or in a guest with one > +exception. The rationale behind this assumption is that the code construct > +needed for exploiting MDS requires: > + > + - to control the load to trigger a fault or assist > + > + - to have a disclosure gadget which exposes the speculatively accessed > + data for consumption through a side channel. > + > + - to control the pointer through which the disclosure gadget exposes the > + data > + > +The existance of such a construct cannot be excluded with 100% certainty, WARNING: 'existance' may be misspelled - perhaps 'existence'? With that fixed: Reviewed-by: Borislav Petkov --=20 Regards/Gruss, Boris. SUSE Linux GmbH, GF: Felix Imend=C3=B6rffer, Jane Smithard, Graham Norton, HR= B 21284 (AG N=C3=BCrnberg) --=20