Gentoo Forums
Meltdown/Spectre: Unauthorized Disclosure of Kernel Memory
transsib
l33t

Joined: 26 Jul 2003
Posts: 869

Posted: Thu Jan 04, 2018 6:46 pm

[b]

Last edited by transsib on Fri Jan 05, 2018 10:09 pm; edited 1 time in total

Jaglover
Watchman

Joined: 29 May 2005
Posts: 7310
Location: Saint Amant, Acadiana

Posted: Thu Jan 04, 2018 6:58 pm

Generally, if a defective product is sold a recall should be done.
_________________
Please learn how to denote units correctly!

NightMonkey
Guru

Joined: 21 Mar 2003
Posts: 328
Location: Pittsburgh, PA

Posted: Thu Jan 04, 2018 7:04 pm    Post subject: Mitigation?

Is there any mitigation possible, perhaps in either the kernel config, or via CFLAGs, that removes some feature that is allowing this exploitable path in our chipsets? Pretty ugly stuff - and I wonder who has been exploiting this for years without the public knowing...
_________________
I like Linux. :D

PrSo
Tux's lil' helper

Joined: 01 Jun 2017
Posts: 130

Posted: Thu Jan 04, 2018 7:06 pm

Here is part of Spectre patch:

http://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20180101/513630.html

Myu
Apprentice

Joined: 22 Oct 2014
Posts: 164
Location: Belgium

Posted: Thu Jan 04, 2018 7:07 pm

Quote:
Is there any mitigation possible, perhaps in either the kernel config, or via CFLAGs, that removes some feature that is allowing this exploitable path in our chipsets? Pretty ugly stuff - and I wonder who has been exploiting this for years without the public knowing...


Kernel 4.14.11 has CONFIG_PAGE_TABLE_ISOLATION=y, but that is only for the Meltdown attack. Spectre is a different beast.

(edited)

_________________
Gentoo stable with bits of ~amd64 // Xfce 4.13 + Compiz Reloaded.


Last edited by Myu on Thu Jan 04, 2018 7:08 pm; edited 1 time in total

CPUFan
n00b

Joined: 21 May 2015
Posts: 58

Posted: Thu Jan 04, 2018 7:08 pm

Just FYI: This is "part" of a solution:
/etc/portage/package.accept_keywords:
# Meltdown:
=sys-kernel/gentoo-sources-4.14.11-r2 ~amd64
(followed by an update)

There will be 3 GLSAs about the full solution.

Thanks to grknight from #gentoo for confirming.


Last edited by CPUFan on Thu Jan 04, 2018 8:01 pm; edited 1 time in total

eccerr0r
Watchman

Joined: 01 Jul 2004
Posts: 7251
Location: almost Mile High in the USA

Posted: Thu Jan 04, 2018 7:08 pm

Anyone have the PoC code, and whether disabling L1/L2 caches would mitigate the problem?

Granted, this would kill performance really badly, but it's a stopgap solution? heh heh heh
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?

Naib
Watchman

Joined: 21 May 2004
Posts: 5699
Location: Removed by Neddy

Posted: Thu Jan 04, 2018 7:09 pm    Post subject: Re: Mitigation?

NightMonkey wrote:
Is there any mitigation possible, perhaps in either the kernel config, or via CFLAGs, that removes some feature that is allowing this exploitable path in our chipsets? Pretty ugly stuff - and I wonder who has been exploiting this for years without the public knowing...
yes, buy a ryzen setup
_________________
The best argument against democracy is a five-minute conversation with the average voter
Great Britain is a republic, with a hereditary president, while the United States is a monarchy with an elective king

Myu
Apprentice

Joined: 22 Oct 2014
Posts: 164
Location: Belgium

Posted: Thu Jan 04, 2018 7:10 pm

@CPUFan :

Have an Intel CPU and 4.14.11 ? Then run

Code:
cat /proc/cpuinfo | grep -i insecure


If you have something like this, the KPTI patch is enabled :
Code:

bugs      : cpu_insecure
bugs      : cpu_insecure
...

_________________
Gentoo stable with bits of ~amd64 // Xfce 4.13 + Compiz Reloaded.
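
The check from the two posts by Myu above, as a reusable script (an added example, not part of anyone's post): it reads the `bugs` line that the grep targets, reads the `flags` line separately, and tests a plain-text kernel config for `CONFIG_PAGE_TABLE_ISOLATION=y`. The `pti` feature flag and the later `cpu_meltdown` bug name are not mentioned in the thread and are assumed from mainline kernels; all function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Sample data below is constructed.

# cpuinfo_has FILE FIELD WORD: succeed if WORD is listed on a "FIELD :" line.
cpuinfo_has() {
    awk -F: -v field="$2" -v word="$3" '
        { key = $1; gsub(/[ \t]+$/, "", key) }
        key == field {
            n = split($2, w, " ")
            for (i = 1; i <= n; i++) if (w[i] == word) found = 1
        }
        END { exit !found }' "$1"
}

# pti_configured FILE: succeed if a plain-text kernel .config enables PTI.
pti_configured() {
    grep -qx 'CONFIG_PAGE_TABLE_ISOLATION=y' "$1"
}

# meltdown_status [FILE]: print what the kernel reports in cpuinfo.
#   mitigated  "pti" on the flags line (assumed name): isolation is active
#   flagged    bug flag without "pti": kernel marks the CPU as affected,
#              but does not report isolation as active (e.g. booted with it off)
#   unflagged  neither entry present
meltdown_status() {
    f=${1:-/proc/cpuinfo}
    if cpuinfo_has "$f" flags pti; then
        echo mitigated
    elif cpuinfo_has "$f" bugs cpu_insecure || cpuinfo_has "$f" bugs cpu_meltdown; then
        echo flagged
    else
        echo unflagged
    fi
}

# write_sample FILE BUGS FLAGS: constructed one-CPU cpuinfo excerpt.
write_sample() {
    printf 'processor\t: 0\nflags\t\t: fpu vme %s\nbugs\t\t: %s\n' "$3" "$2" > "$1"
}

demo() {
    tmp=$(mktemp) || return 1
    write_sample "$tmp" cpu_insecure pti
    echo "bug flag + pti:  $(meltdown_status "$tmp")"
    write_sample "$tmp" cpu_insecure ""
    echo "bug flag only:   $(meltdown_status "$tmp")"
    rm -f "$tmp"
}
demo
```

On a live system, call `meltdown_status` with no argument to read `/proc/cpuinfo`, and point `pti_configured` at the `.config` of the running kernel's source tree.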

ycUygB1
Apprentice

Joined: 27 Jul 2005
Posts: 276
Location: Portland, Oregon

Posted: Thu Jan 04, 2018 8:15 pm

CPUFan wrote:

There will be 3 GLSAs about the full solution.

Thanks to grknight from #gentoo for confirming.


Thank you.

Cyker
Veteran

Joined: 15 Jun 2006
Posts: 1746

Posted: Thu Jan 04, 2018 8:16 pm

Wooo! Time for the C64 to RISE AGAIN!!!!! :lol:

transsib
l33t

Joined: 26 Jul 2003
Posts: 869

Posted: Thu Jan 04, 2018 8:23 pm

[b]

Last edited by transsib on Fri Jan 05, 2018 10:09 pm; edited 1 time in total

Joseph Powers
n00b

Joined: 26 Nov 2017
Posts: 41

Posted: Thu Jan 04, 2018 9:08 pm

Can I patch the Meltdown bug with Gentoo hardened sources?

papas
Tux's lil' helper

Joined: 01 Dec 2014
Posts: 86
Location: Athens

Posted: Thu Jan 04, 2018 9:20 pm

Great news for me: 2 days ago I ordered an i7 8700k just to avoid the AMD segfault.

1clue
Advocate

Joined: 05 Feb 2006
Posts: 2562

Posted: Thu Jan 04, 2018 9:39 pm

It's going to take a while before any fixed hardware reaches the market. First the design needs to be fixed, then it needs to be tested and then boards need to be designed around the newer chips. We're all screwed for a while.

Naib
Watchman

Joined: 21 May 2004
Posts: 5699
Location: Removed by Neddy

Posted: Thu Jan 04, 2018 9:45 pm

1clue wrote:
It's going to take a while before any fixed hardware reaches the market. First the design needs to be fixed, then it needs to be tested and then boards need to be designed around the newer chips. We're all screwed for a while.
You can take the risk with present Ryzen stock & you might be lucky not to pick up with early fab issues OR wait a couple of months and Zen2 is due out
If you want to stick with Intel then sure... might take some time *if* they actually fix it (note they never actually fixed the fpu issue) as they have to gut their entire arch rather than building on it
_________________
The best argument against democracy is a five-minute conversation with the average voter
Great Britain is a republic, with a hereditary president, while the United States is a monarchy with an elective king

1clue
Advocate

Joined: 05 Feb 2006
Posts: 2562

Posted: Thu Jan 04, 2018 9:52 pm

Naib wrote:
1clue wrote:
It's going to take a while before any fixed hardware reaches the market. First the design needs to be fixed, then it needs to be tested and then boards need to be designed around the newer chips. We're all screwed for a while.
You can take the risk with present Ryzen stock & you might be lucky not to pick up with early fab issues OR wait a couple of months and Zen2 is due out
If you want to stick with Intel then sure... might take some time *if* they actually fix it (note they never actually fixed the fpu issue) as they have to gut their entire arch rather than building on it


FWIW I'm sticking with Intel.

The idea that they don't fix this is insane. The FPU issue was a minor irritant with an easy software fix. This decimates the security or speed of their entire processor line for the last 15 years.

gengreen
Tux's lil' helper

Joined: 23 Dec 2017
Posts: 84

Posted: Thu Jan 04, 2018 10:28 pm

Better to directly turn off the javascript in about:config than use some plugins

javascript is a general useflag, I will put it in my make.conf (-javascript)

it's better than nothing...

roki942
Apprentice

Joined: 18 Apr 2005
Posts: 285
Location: Seattle

Posted: Thu Jan 04, 2018 10:30 pm

Came across these:
"We translated Intel's crap attempt to spin its way out of CPU security bug PR nightmare" http://www.theregister.co.uk/2018/01/04/intel_meltdown_spectre_bugs_the_registers_annotations/
"Azure VMs borked following Meltdown patch, er, meltdown" https://www.theregister.co.uk/2018/01/04/azure_vms_down_following_meltdown_patch/

luiztux
n00b

Joined: 31 Aug 2015
Posts: 27
Location: /usr/portage/distfiles

Posted: Thu Jan 04, 2018 11:17 pm

Who knows now is the chance of Open Source Hardware gaining momentum? Or live like Stallman ... :roll:

kajzer
Guru

Joined: 27 Nov 2014
Posts: 484

Posted: Thu Jan 04, 2018 11:29 pm

eccerr0r wrote:
Anyone have the PoC code, and whether disabling L1/L2 caches would mitigate the problem?


PoC code :
http://cxsecurity.com/issue/WLB-2018010039

Naib
Watchman

Joined: 21 May 2004
Posts: 5699
Location: Removed by Neddy

Posted: Thu Jan 04, 2018 11:35 pm

https://www.bleepingcomputer.com/news/security/mozilla-confirms-web-based-execution-vector-for-meltdown-and-spectre-attacks/
_________________
The best argument against democracy is a five-minute conversation with the average voter
Great Britain is a republic, with a hereditary president, while the United States is a monarchy with an elective king

kajzer
Guru

Joined: 27 Nov 2014
Posts: 484

Posted: Thu Jan 04, 2018 11:52 pm

It's easier to copy the PoC code from here instead of the link I posted above:
https://github.com/Eugnis/spectre-attack

Anyway, I've executed this code on 4.14.11-gentoo-r2 with cpu_insecure and got this :
Code:
$ ./a.out
Putting 'The Magic Words are Squeamish Ossifrage.' in memory
Reading 40 bytes:
zsh: illegal hardware instruction  ./a.out


Would be interesting to see the result on non-patched system but I can't do it atm.

gengreen
Tux's lil' helper

Joined: 23 Dec 2017
Posts: 84

Posted: Fri Jan 05, 2018 12:37 am

https://paste.pound-python.org/show/X9OyOjgzkEMCgOKMTwTc/

kajzer
Guru

Joined: 27 Nov 2014
Posts: 484

Posted: Fri Jan 05, 2018 12:46 am

gengreen wrote:
https://paste.pound-python.org/show/X9OyOjgzkEMCgOKMTwTc/


Interesting, so the code actually works. On patched or non-patched system?
I just had to try it and on the same machine I have another Gentoo installation that hasn't been updated in a while (couple of months), and I get the same result (zsh: illegal hardware instruction ./a.out), thought maybe it's zsh so I tried to execute in bash but I got the same thing. Maybe I'm doing something wrong, I've compiled the source with "gcc Source.c".

All times are GMT
Page 3 of 23