lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:   Thu, 30 May 2019 11:39:00 +0200
From:   Zdenek Kaspar <zkaspar82@...il.com>
To:     linux-kernel@...r.kernel.org
Subject: MDS/SSB Mitigation for pre-Nehalem/Older Intel Hardware?

Hello everyone,

on old CPU the current situation looks like this:

l1tf:Mitigation: PTE Inversion; VMX: EPT disabled
mds:Vulnerable: Clear CPU buffers attempted, no microcode; SMT disabled
meltdown:Mitigation: PTI
spec_store_bypass:Vulnerable
spectre_v1:Mitigation: __user pointer sanitization
spectre_v2:Mitigation: Full generic retpoline, STIBP: disabled, RSB filling

There's no way to mitigate some issues without microcode
and Intel doesn't provide new updates for old hardware.

The Deep Dive document for MDS includes: "software sequences
to overwrite buffers" but it goes back only to Nehalem.

Are there any plans for software fixes especially for older CPUs?

TIA, Z.

Powered by blists - more mailing lists