From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (193.142.43.55:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 26 Nov 2019 10:37:34 -0000 Received: from mail.kernel.org ([198.145.29.99]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1iZYDs-0006zm-PD for speck@linutronix.de; Tue, 26 Nov 2019 11:37:33 +0100 Date: Tue, 26 Nov 2019 11:37:22 +0100 From: Greg KH Subject: [MODERATED] Re: LVI Message-ID: <20191126103722.GC1418669@kroah.com> References: <20191119174008.7dbymix2eo4mrv57@treble> <20191126005417.GG84886@tassilo.jf.intel.com> MIME-Version: 1.0 In-Reply-To: <20191126005417.GG84886@tassilo.jf.intel.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Mon, Nov 25, 2019 at 04:54:17PM -0800, speck for Andi Kleen wrote: > > Hi Folks, > > We (well Tony, but he's currently on vacation) did a lot of analysis on LVI and we > concluded the kernel does not need any new changes. That's why you didn't see any > patches from Intel on this. > > Longer story: > > Assists are somewhat messy and can happen in many circumstances. However most > are rare and hard to trigger, so if you get them they're typically not usable > for a high loop count practical side channel. The main exception is the page A/D > assist which can be triggered in the kernel by *_user() > > *_user is protected by STAC/CLAC already and those have strong enough semantics > to stop an LVI attack outside the uaccess region. But of course there are CPUs > (pre BDW) which don't have STAC/CLAC. > > But to do anything with LVI you need a Spectre v1 style read gadget. Without > a gadget the attack is not feasible. And those gadgets are usually Spectre v1 > problems, so they would need to be fixed anyways. > > We already spent a lot of time looking for those in the past and fixing the few > found. Tony did an additional full tree audit, and the only additional case > found was in Infiniband. The patch for this is already upstream for some time > ("61f259821dd3306e49: IB/core: Add mitigation for Spectre V1") What's to keep these types of things coming back into our tree? Do we have anything that can scan for them yet? > So in summary, on modern CPUs (BDW+) STAC/CLAC mitigates LVIs, and on older CPUs the > Spectre V1 mitigation. So, all is good and the researchers can release their paper now and get on with their lives? Or is there something that we still need to do here? Do you have the PoC to share with us so that we can verify all of this? > The only real active (and messy) mitigation for LVI needed is when you're creating > SGX enclaves, but I assume noone here is interested in that. We don't care, no, but do our users? I think some of them used to, before it was found to not be useful at all :) thanks, greg k-h