From: linux@armlinux.org.uk (Russell King - ARM Linux)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v2 2/6] arm: Invalidate BTB on prefetch abort outside of user mapping on Cortex A8, A9, A12 and A17
Date: Wed, 10 Jan 2018 16:45:18 +0000 [thread overview]
Message-ID: <20180110164518.GO17719@n2100.armlinux.org.uk> (raw)
In-Reply-To: <20180108185533.9698-3-marc.zyngier@arm.com>
On Mon, Jan 08, 2018 at 06:55:29PM +0000, Marc Zyngier wrote:
> In order to prevent aliasing attacks on the branch predictor,
> invalidate the BTB on CPUs that are known to be affected when taking
> a prefetch abort on a address that is outside of a user task limit.
Can you please describe to me what sort of exploit this is supposed
to be protecting against - if you do not wish to make the details
public, please reply in private.
As far as I can see, this has no effect on the exploits that have been
made public to date as none of them involve the prefetch abort handler,
and from what I can see in the "Cache Speculation Side-Channels"
document, no mention is made of the prefetch abort.
Indeed, I've received feedback from Florian that my set of "exploits"
based on the published information to date are unaffected by your
patch series, so I'm really interested to know exactly what this
series is trying to fix.
Thanks.
--
RMK's Patch system: http://www.armlinux.org.uk/developer/patches/
FTTC broadband for 0.8mile line in suburbia: sync at 8.8Mbps down 630kbps up
According to speedtest.net: 8.21Mbps down 510kbps up
next prev parent reply other threads:[~2018-01-10 16:45 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-08 18:55 [PATCH v2 0/6] ARM branch predictor hardening Marc Zyngier
2018-01-08 18:55 ` [PATCH v2 1/6] arm: Add BTB invalidation on switch_mm for Cortex-A9, A12 and A17 Marc Zyngier
2018-01-09 14:14 ` Andre Przywara
2018-01-09 14:21 ` Marc Zyngier
2018-01-09 14:22 ` Marc Zyngier
2018-01-10 17:53 ` Tony Lindgren
2018-01-10 17:57 ` Marc Zyngier
2018-01-10 21:52 ` Nishanth Menon
2018-01-11 9:03 ` Marc Zyngier
2018-01-29 18:41 ` Fabio Estevam
2018-01-29 19:21 ` Fabio Estevam
2018-01-29 19:28 ` Fabio Estevam
2018-01-08 18:55 ` [PATCH v2 2/6] arm: Invalidate BTB on prefetch abort outside of user mapping on Cortex A8, A9, " Marc Zyngier
2018-01-09 9:56 ` Marc Zyngier
2018-01-10 16:45 ` Russell King - ARM Linux [this message]
2018-01-08 18:55 ` [PATCH v2 3/6] arm: KVM: Invalidate BTB on guest exit Marc Zyngier
2018-01-15 12:22 ` Robin Murphy
2018-01-23 14:22 ` Christoffer Dall
2018-01-23 14:38 ` Marc Zyngier
2018-01-08 18:55 ` [PATCH v2 4/6] arm: Add icache invalidation on switch_mm for Cortex-A15 Marc Zyngier
2018-01-10 1:28 ` Florian Fainelli
2018-01-10 1:33 ` André Przywara
2018-01-10 1:35 ` Florian Fainelli
2018-01-10 9:13 ` Andre Przywara
2018-01-08 18:55 ` [PATCH v2 5/6] arm: Invalidate icache on prefetch abort outside of user mapping on Cortex-A15 Marc Zyngier
2018-01-08 18:55 ` [PATCH v2 6/6] arm: KVM: Invalidate icache on guest exit for Cortex-A15 Marc Zyngier
2018-01-23 14:26 ` Christoffer Dall
2018-01-09 17:13 ` [PATCH v2 0/6] ARM branch predictor hardening Florian Fainelli
2018-01-09 17:46 ` Russell King - ARM Linux
2018-01-10 16:50 ` Nishanth Menon
2018-01-10 17:16 ` Marc Zyngier
2018-01-10 22:59 ` Nishanth Menon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180110164518.GO17719@n2100.armlinux.org.uk \
--to=linux@armlinux.org.uk \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).