Wow... what a writeup! I'll never understand even 1% of it. What I did
learn so far is that when you find something like this, you need to make
up cool names like Spectre and Meltdown.

Cannaerts, Jan wrote:

This article:
https://googleprojectzero.blogspot.be/2018/01/reading-privileged-memory-with-side.html
mentions the following:

Additional exploits for other architectures are also known to exist. These
include IBM System Z, POWER8 (Big Endian and Little Endian), and POWER9
(Little Endian).

The attacks target flaws in the hardware, in this case related to speculative
execution. But the PoCs I'm seeing so far seem to be meant to leak Linux kernel
memory (leaking passwords/cryptographic keys). The z/Architecture also
employs speculative execution and branch prediction.
So I'm not sure whether or not there is a working PoC for any Linux distribution
running either Linux native, under z/VM or KVM on System Z, and I cannot find
anything about a PoC for z/OS either.
If the attack can be used against z/OS, I'd wager it could leak fetch-protected
memory that is addressable by the address space in the first place. How much
interesting information there is in fetch-protected storage, I do not know.
-
Jan
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN