| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 19 Nov 2018 18:45:28 -0500
From: Andrea Arcangeli <aarcange@...hat.com>
To: Dave Hansen <dave.hansen@...el.com>
Cc: Jiri Kosina <jikos@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Tim Chen <tim.c.chen@...ux.intel.com>,
Tom Lendacky <thomas.lendacky@....com>,
Ingo Molnar <mingo@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
David Woodhouse <dwmw@...zon.co.uk>,
Andi Kleen <ak@...ux.intel.com>,
Casey Schaufler <casey.schaufler@...el.com>,
Asit Mallick <asit.k.mallick@...el.com>,
Arjan van de Ven <arjan@...ux.intel.com>,
Jon Masters <jcm@...hat.com>,
Waiman Long <longman9394@...il.com>,
LKML <linux-kernel@...r.kernel.org>, x86@...nel.org,
Willy Tarreau <w@....eu>
Subject: Re: [Patch v5 11/16] x86/speculation: Add Spectre v2 app to app
protection modes
On Mon, Nov 19, 2018 at 03:25:41PM -0800, Dave Hansen wrote:
> On 11/19/18 3:16 PM, Andrea Arcangeli wrote:
> > So you may want to ask why it wasn't written as your "any" vs "any" email:
>
> Presumably because the authors really and truly meant what they said. I
> was not being as careful in my wording as they were. :)
>
> There is nothing in the spec that says that STIBP disables branch
> prediction itself, or that it keeps a thread from influencing *itself*.
Just in case, another thing come to mind, what about mistraining the
BTB with STIBP set inside the SECCOMP jail and then going to sleep or
being migrated by the scheduler to another core which clears STIBP on
the core? Can the mistraining happened inside the SECCOMP jail with
STIBP set influence the code outside SECCOMP after STIBP is cleared?
Powered by blists - more mailing lists