lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5A50217E.7689.593D738@tim.ml.ipcopper.com>
Date:   Fri, 05 Jan 2018 17:08:14 -0800
From:   "Tim Mouraveiko" <tim.ml@...opper.com>
To:     Pavel Machek <pavel@....cz>
CC:     linux-kernel@...r.kernel.org
Subject: Re: Bricked x86 CPU with software?

> Hi!
> 
> On Thu 2018-01-04 17:21:36, Tim Mouraveiko wrote:
> > > On Thu 2018-01-04 14:13:56, Tim Mouraveiko wrote:
> > > > > > As I mentioned before, I repeatedly and fully power-cycled the motherboard and reset BIOS
> > > > > > and etc. It made no difference. I can see that the processor was not drawing any power. The
> > > > > > software code behaved in a similar fashion on other processors, until I fixed it so that it would
> > > > > > not kill any more processors.
> > > > > >
> > > > >
> > > > > So you have code that killed more than one processor? Save it! We want
> > > > > a copy.
> > > > >
> > > > > Do you have model numbers of affected CPUs?
> > > >
> > > >
> > > > Why would you want a copy? Last time I checked bricked CPUs do not work well, even as
> > > > decorations.
> > > >
> > > > I believe the processors were Intel Xeon series. The code would likely run on others too.
> > >
> > > Well... Intel's shares are overpriced, and you have code to fix that
> > > :-).
> > >
> > > Actually... I don't think your code works. That's why I'm curious. But
> > > if it works, its rather a big news... and I'm sure Intel and cloud
> > > providers are going to be interested.
> > >
> > 
> > I first discovered this issue over a year ago, quite by accident. I changed the code I was
> > working on so as not to kill the CPU (as that is not what I was trying to). We made Intel aware
> > of it. They didn´t care much, one of their personnel suggesting that they already knew about it
> > (whether this is true or not I couldn´t say). It popped up again later, so I had to fix the code
> > again. It could be a buggy implementation of a certain x86 functionality, but I left it at that
> > because I had better things to do with my time.
> >
> 
> Is the sequence available from ring 3, or does it need ring 0?
> 
> Can we get the code? Extraordinary claims and all that...
> 

I did not test privilege level. Are you suggesting that I put the code out there for everyone to 
see or what?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ