lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 3 Jan 2018 22:31:29 +0100
From: Pavel Machek <>
Subject: Intel CPU bug forcing page table switch during syscalls?


It looks like there's Intel CPU bug, allowing prefetch from kernel
memory. It seems to be reason KASLR patches are pushed so fast to Linux.


Does that mean we can do

   u16 *peek_addr = <somewhere into kernel>;
   char cacheline1[64];
   char cacheline2[64];


   if (*peek_addr == 0x1234)
      (volatile char *) cacheline1[0];
      (volatile char *) cacheline2[0];

Thread will certainly die to SIGSEGV here, but from other thread we
should be able to tell if cacheline1 or cacheline2 is in cache... and
therefore read unreadable memory....?

(cesky, pictures)

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists