lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200402201328.zqnxwaetpk4ubg56@treble>
Date:   Thu, 2 Apr 2020 15:13:28 -0500
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Balbir Singh <sblbir@...zon.com>
Cc:     linux-kernel@...r.kernel.org, tglx@...utronix.de,
        tony.luck@...el.com, keescook@...omium.org, x86@...nel.org,
        benh@...nel.crashing.org, dave.hansen@...el.com
Subject: Re: [PATCH 0/3] arch/x86: Optionally flush L1D on context switch

On Thu, Apr 02, 2020 at 05:23:58PM +1100, Balbir Singh wrote:
> Provide a mechanisn to flush the L1D cache on context switch.  The goal
> is to allow tasks that are paranoid due to the recent snoop assisted data
> sampling vulnerabilites, to flush their L1D on being switched out.

Hi Balbir,

Just curious, is it really vulnerabilities, plural?  I thought there was
only one: CVE-2020-0550 (Snoop-assisted L1 Data Sampling).

(There was a similar one without the "snoop": L1D Eviction Sampling, but
it's supposed to get fixed in microcode).

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ