On Tue, 18 Jun 2019, Tim Chen wrote:
> On 6/17/19 1:30 PM, Jon Masters wrote:
> > On 6/17/19 4:22 PM, Jon Masters wrote:
> >
> >>> + For kernel code that has been identified where data pointers could
> >>> + potentially be influenced for Spectre attacks, new "nospec" accessor
> >>> + macros
On 6/17/19 1:30 PM, Jon Masters wrote:
> On 6/17/19 4:22 PM, Jon Masters wrote:
>
>>> + For kernel code that has been identified where data pointers could
>>> + potentially be influenced for Spectre attacks, new "nospec" accessor
>>> + macros are used to prevent speculative loading of data.
On 6/17/19 3:16 PM, Jonathan Corbet wrote:
> On Mon, 17 Jun 2019 22:21:51 +0200 (CEST)
> Thomas Gleixner wrote:
>
>>> +Spectre variant 1 attacks take advantage of speculative execution of
>>> +conditional branches, while Spectre variant 2 attacks use speculative
>>> +execution of indirect branche
On Mon, 17 Jun 2019 22:21:51 +0200 (CEST)
Thomas Gleixner wrote:
> > +Spectre variant 1 attacks take advantage of speculative execution of
> > +conditional branches, while Spectre variant 2 attacks use speculative
> > +execution of indirect branches to leak privileged memory. See [1] [5]
> > +[7]
On 6/17/19 4:22 PM, Jon Masters wrote:
>> + For kernel code that has been identified where data pointers could
>> + potentially be influenced for Spectre attacks, new "nospec" accessor
>> + macros are used to prevent speculative loading of data.
>
> Maybe explain that nospec (speculative cl
Tim,
On Mon, 17 Jun 2019, Thomas Gleixner wrote:
> Tim,
>
> On Mon, 17 Jun 2019, Tim Chen wrote:
>
> > +Spectre variant 1 attacks take advantage of speculative execution of
> > +conditional branches, while Spectre variant 2 attacks use speculative
> > +execution of indirect branches to leak pri
Tim,
On Mon, 17 Jun 2019, Tim Chen wrote:
> +Spectre variant 1 attacks take advantage of speculative execution of
> +conditional branches, while Spectre variant 2 attacks use speculative
> +execution of indirect branches to leak privileged memory. See [1] [5]
> +[7] [10] [11].
It would be great
Hi Tim,
Nice writeup. A few suggestions inline.
On 6/17/19 3:11 PM, Tim Chen wrote:
> +In Spectre variant 2 attacks, the attacker can steer speculative indirect
> +branches in the victim to gadget code by poisoning the branch target
> +buffer of a CPU used for predicting indirect branch addresse
Add documentation for Spectre vulnerability and the mitigation mechanisms:
- Explain the problem and risks
- Document the mitigation mechanisms
- Document the command line controls
- Document the sysfs files
Co-developed-by: Andi Kleen
Signed-off-by: Andi Kleen
Co-developed-by: Tim Chen
Signed
9 matches
Mail list logo
