On 01/10/2014 03:16 AM, Linus Torvalds wrote:
> On Fri, Jan 10, 2014 at 6:06 PM, Borislav Petkov wrote:
>>
>> Tested-by: Borislav Petkov
>
> Ok, good.
>
> Peter, do you want to take it (feel free to add my sign-off), or
> should I just commit it?
>
> Also, is there a way to have a "likely not
On Fri, Jan 10, 2014 at 07:16:24PM +0800, Linus Torvalds wrote:
> Also, is there a way to have a "likely not true" version of that
> "static_cpu_has()"? There seems to be no way to make the non-K7/K8
> case
FWIW, this is not only K7/K8 but actually all AMD from family 6 onwards,
which is - practic
On Fri, Jan 10, 2014 at 6:06 PM, Borislav Petkov wrote:
>
> Tested-by: Borislav Petkov
Ok, good.
Peter, do you want to take it (feel free to add my sign-off), or
should I just commit it?
Also, is there a way to have a "likely not true" version of that
"static_cpu_has()"? There seems to be no w
On Thu, Jan 09, 2014 at 06:13:19PM -0800, H. Peter Anvin wrote:
> OK, that sounds very reasonable. Boris, halfdog, does something like
> this resolve your problem?
Yeah, if in doubt, Linus to the rescue! :)
Tested-by: Borislav Petkov
--
Regards/Gruss,
Boris.
Sent from a fat crate under my
On 01/09/2014 04:42 PM, Linus Torvalds wrote:
> On Fri, Jan 10, 2014 at 6:58 AM, Borislav Petkov wrote:
>>
>> Ok, I was able to reproduce
>
> Looking at this, I think this is just a bug in our
> restore_fpu_checking() hackery for X86_FEATURE_FXSAVE_LEAK..
>
> Which also explains why it only trig
On Fri, Jan 10, 2014 at 6:58 AM, Borislav Petkov wrote:
>
> Ok, I was able to reproduce
Looking at this, I think this is just a bug in our
restore_fpu_checking() hackery for X86_FEATURE_FXSAVE_LEAK..
Which also explains why it only triggers on E-350 - it's only relevant
for those K7/K8 CPU's tha
On Thu, Jan 09, 2014 at 10:50:28PM +, halfdog wrote:
>
> It took me some time to build me the Debian Sid testing environment
> for amd64 with the same quality, I have for i386, but now it is ready.
> And it seems, that amd64 is also affected, b
On Wed, Jan 08, 2014 at 02:39:42PM -0800, H. Peter Anvin wrote:
> It is obviously critical here that we get a handle on if this is a
> CPU-specific problem that we might have to work around or a general
> problem with the Linux code.
Ok, I was able to reproduce with
http://www.halfdog.net/Securit
It took me some time to build me the Debian Sid testing environment
for amd64 with the same quality, I have for i386, but now it is ready.
And it seems, that amd64 is also affected, but lockup is immediately
(makes exploitation harder)
Here is the OOP
It is obviously critical here that we get a handle on if this is a
CPU-specific problem that we might have to work around or a general
problem with the Linux code.
-hpa
Borislav Petkov wrote:
> On Wed, Jan 08, 2014 at 09:42:40AM -0800, H. Peter Anvin wrote:
>> Adding Borislav.
>>
>> Boris, do you happen to know of any erratum on AMD E-350 which
>> may be in play here?
>
> Interesting. Well, nothing looks even remote
On Wed, Jan 08, 2014 at 09:42:40AM -0800, H. Peter Anvin wrote:
> Adding Borislav.
>
> Boris, do you happen to know of any erratum on AMD E-350 which may be
> in play here?
Interesting. Well, nothing looks even remotely related from looking at the F14h
rev guide here:
http://developer.amd.com/wo
Adding Borislav.
Boris, do you happen to know of any erratum on AMD E-350 which may be
in play here?
-hpa
On 01/07/2014 11:45 PM, halfdog wrote:
> Update to the issue:
>
> * Although first observed with virtual-8086 mode, the bug is not
> specific to virtual-8086 mode, it can be trigg
Update to the issue:
* Although first observed with virtual-8086 mode, the bug is not
specific to virtual-8086 mode, it can be triggered with normal x86
userspace code also, even with better reproducibility.
* Ben Hutchings looked at the Debian bug r
H. Peter Anvin wrote:
> On 12/31/2013 11:21 AM, Konrad Rzeszutek Wilk wrote:
>>
>> So, I am wondering if this is related to " x86/fpu: CR0.TS should
>> be set before trap into PV guest's #NM exception handle" which
>> does have a similar pattern - you
On 12/31/2013 11:21 AM, Konrad Rzeszutek Wilk wrote:
>
> So, I am wondering if this is related to " x86/fpu: CR0.TS should be set
> before trap into PV guest's #NM exception handle" which does have a similar
> pattern - you do enough of the task switches and the FPU is screwed.
>
> See
> http
On Tue, Dec 31, 2013 at 10:42:47AM -0800, H. Peter Anvin wrote:
> On 12/30/2013 07:52 AM, halfdog wrote:
> >>
> >> Still in VirtualBox?
> >
> > Yes, again: after comparing the results from initrd on real hardware
> > with Vbox, I'm getting to understand the timing problem involved and why
> > timi
On 12/30/2013 07:52 AM, halfdog wrote:
>>
>> Still in VirtualBox?
>
> Yes, again: after comparing the results from initrd on real hardware
> with Vbox, I'm getting to understand the timing problem involved and why
> timing in VBox is different: The test program usually OOPSes when
> touching FPU m
H. Peter Anvin wrote:
> On 12/29/2013 12:44 PM, halfdog wrote:
>> H. Peter Anvin wrote:
>>> On 12/28/2013 02:02 PM, halfdog wrote:
It seems that missing CPU-state sanitation during task
switching triggers kernel-panic. This might be related to
unhandled FPU-errors. See [1] for POC
On 12/29/2013 12:44 PM, halfdog wrote:
> H. Peter Anvin wrote:
>> On 12/28/2013 02:02 PM, halfdog wrote:
>>> It seems that missing CPU-state sanitation during task
>>> switching triggers kernel-panic. This might be related to
>>> unhandled FPU-errors. See [1] for POC and serial console log
>>> of
H. Peter Anvin wrote:
> On 12/28/2013 02:02 PM, halfdog wrote:
>> It seems that missing CPU-state sanitation during task switching
>> triggers kernel-panic. This might be related to unhandled
>> FPU-errors. See [1] for POC and serial console log of O
On 12/28/2013 02:02 PM, halfdog wrote:
> It seems that missing CPU-state sanitation during task switching
> triggers kernel-panic. This might be related to unhandled
> FPU-errors. See [1] for POC and serial console log of OOPs. Due to
> missing real 32-bit x86-hardware it is not clear, if this iss
It seems that missing CPU-state sanitation during task switching
triggers kernel-panic. This might be related to unhandled FPU-errors.
See [1] for POC and serial console log of OOPs. Due to missing real
32-bit x86-hardware it is not clear, if this issu