[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180107185511.3r73spn4ylxgmd4u@pd.tnic>
Date: Sun, 7 Jan 2018 19:55:11 +0100
From: Borislav Petkov <bp@...en8.de>
To: Willy Tarreau <w@....eu>
Cc: Dave Hansen <dave.hansen@...el.com>,
Thomas Gleixner <tglx@...utronix.de>,
Jon Masters <jcm@...hat.com>,
"Woodhouse, David" <dwmw@...zon.co.uk>,
Paolo Bonzini <pbonzini@...hat.com>,
Alan Cox <gnomes@...rguk.ukuu.org.uk>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Andi Kleen <andi@...stfloor.org>,
Greg Kroah-Hartman <gregkh@...ux-foundation.org>,
Tim Chen <tim.c.chen@...ux.intel.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Jeff Law <law@...hat.com>, Nick Clifton <nickc@...hat.com>
Subject: Re: Avoid speculative indirect calls in kernel
On Sun, Jan 07, 2018 at 06:44:51PM +0100, Willy Tarreau wrote:
> Exactly, but there's much more to gain by owning this process anyway in
> certain cases than just dumping a few hundreds of kernel bytes.
A few hundred? It is *all* machine bytes.
> That's where I consider that "trusted" is more "critical" than "safe" :
> if it dies, we all die anyway.
No, not die. Exploit it and since it is "trusted", use it to dump all
memory. All your memories belongs to us.
> Just like you have to trust your plane's pilot eventhough you don't
> know him personally.
Funny you should make that analogy. Remember that germanwings pilot?
People trusted him too.
Now imagine if the plane had protection against insane pilots... some of
those people might still be alive, who knows...
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.
Powered by blists - more mailing lists