Gentoo Forums
Meltdown/Spectre: Unauthorized Disclosure of Kernel Memory

EasterParade
l33t
Joined: 26 Jul 2003
Posts: 938

Posted: Thu Jan 04, 2018 6:46 pm

[b]

Last edited by EasterParade on Fri Jan 05, 2018 10:09 pm; edited 1 time in total

Jaglover
Watchman
Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana

Posted: Thu Jan 04, 2018 6:58 pm

Generally, if a defective product is sold a recall should be done.
_________________
My Gentoo installation notes.
Please learn how to denote units correctly!

NightMonkey
Guru
Joined: 21 Mar 2003
Posts: 357
Location: Philadelphia, PA

Posted: Thu Jan 04, 2018 7:04 pm    Post subject: Mitigation?

Is there any mitigation possible, perhaps in either the kernel config, or via CFLAGs, that removes some feature that is allowing this exploitable path in our chipsets? Pretty ugly stuff - and I wonder who has been exploiting this for years without the public knowing...
_________________
:D

PrSo
Tux's lil' helper
Joined: 01 Jun 2017
Posts: 136

Posted: Thu Jan 04, 2018 7:06 pm

Here is part of the Spectre patch:

http://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20180101/513630.html

Myu
Apprentice
Joined: 22 Oct 2014
Posts: 164
Location: Belgium

Posted: Thu Jan 04, 2018 7:07 pm

Quote:
Is there any mitigation possible, perhaps in either the kernel config, or via CFLAGs, that removes some feature that is allowing this exploitable path in our chipsets? Pretty ugly stuff - and I wonder who has been exploiting this for years without the public knowing...


Kernel 4.14.11 has CONFIG_PAGE_TABLE_ISOLATION=y but that is only for the Meltdown attack. Spectre is a different beast.

(edited)

_________________
Gentoo stable with bits of ~amd64 // Xfce 4.13 + Compiz Reloaded.


Last edited by Myu on Thu Jan 04, 2018 7:08 pm; edited 1 time in total

CPUFan
n00b
Joined: 21 May 2015
Posts: 58

Posted: Thu Jan 04, 2018 7:08 pm

Just FYI: This is "part" of a solution:
/etc/portage/package.accept_keywords:
# Meltdown:
=sys-kernel/gentoo-sources-4.14.11-r2 ~amd64
(followed by an update)

There will be 3 GLSAs about the full solution.

Thanks to grknight from #gentoo for confirming.


Last edited by CPUFan on Thu Jan 04, 2018 8:01 pm; edited 1 time in total

eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9835
Location: almost Mile High in the USA

Posted: Thu Jan 04, 2018 7:08 pm

Anyone have the PoC code, and whether disabling L1/L2 caches would mitigate the problem?

Granted, this would kill performance really badly, but it's a stopgap solution? heh heh heh
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching?

Naib
Watchman
Joined: 21 May 2004
Posts: 6070
Location: Removed by Neddy

Posted: Thu Jan 04, 2018 7:09 pm    Post subject: Re: Mitigation?

NightMonkey wrote:
Is there any mitigation possible, perhaps in either the kernel config, or via CFLAGs, that removes some feature that is allowing this exploitable path in our chipsets? Pretty ugly stuff - and I wonder who has been exploiting this for years without the public knowing...
Yes, buy a Ryzen setup
_________________
#define HelloWorld int
#define Int main()
#define Return printf
#define Print return
#include <stdio.h>
HelloWorld Int {
Return("Hello, world!\n");
Print 0;
}

Myu
Apprentice
Joined: 22 Oct 2014
Posts: 164
Location: Belgium

Posted: Thu Jan 04, 2018 7:10 pm

@CPUFan :

Have an Intel CPU and 4.14.11 ? Then run

Code:
cat /proc/cpuinfo | grep -i insecure


If you have something like this, the KPTI patch is enabled :
Code:

bugs      : cpu_insecure
bugs      : cpu_insecure
...

_________________
Gentoo stable with bits of ~amd64 // Xfce 4.13 + Compiz Reloaded.
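
Added example (not part of the original post or of any kernel tooling): a shell function that combines the bug flag grepped for above with other kernel-exported signals to classify Meltdown status. The function name `meltdown_status` and its output words are illustrative; the `cpu_meltdown` name, the `pti` feature flag and the sysfs `vulnerabilities` directory are assumed from kernels newer than the 4.14.11 discussed here, and `nopti` / `pti=off` are the boot parameters that switch isolation off.

```shell
#!/bin/sh
# Added example: classify Meltdown/KPTI state from kernel-exported files.
# File locations are arguments so the logic can run on constructed samples.
# usage:  meltdown_status [CPUINFO] [SYSFS_VULN_DIR] [CMDLINE]
# prints: not-affected | mitigated | vulnerable | affected | unknown
meltdown_status() {
    cpuinfo=${1:-/proc/cpuinfo}
    vulndir=${2:-/sys/devices/system/cpu/vulnerabilities}
    cmdline=${3:-/proc/cmdline}

    # 1) Kernels that have the sysfs interface state the result directly.
    if [ -r "$vulndir/meltdown" ]; then
        case $(cat "$vulndir/meltdown") in
            "Not affected"*) echo not-affected ;;
            Mitigation*)     echo mitigated ;;
            *)               echo vulnerable ;;
        esac
        return 0
    fi

    # 2) The bug flag (cpu_insecure on 4.14.11, cpu_meltdown on later
    #    kernels) only means the kernel considers the CPU affected.
    if ! grep -E '^bugs[[:space:]]*:' "$cpuinfo" 2>/dev/null |
            grep -Eqw 'cpu_insecure|cpu_meltdown'; then
        echo unknown    # CPU not affected, or kernel too old to know
        return 0
    fi

    # 3) Page table isolation can still be switched off at boot.
    if grep -Eqw 'nopti|pti=off' "$cmdline" 2>/dev/null; then
        echo vulnerable
        return 0
    fi

    # 4) A "pti" feature flag, where the kernel exports one, confirms it.
    if grep -E '^flags[[:space:]]*:' "$cpuinfo" | grep -qw pti; then
        echo mitigated
    else
        echo affected   # flagged, but isolation state not confirmed here
    fi
}

# Constructed sample: cpuinfo lines in the format quoted in the post above.
sample=$(mktemp)
printf 'flags      : fpu vme\nbugs      : cpu_insecure\n' > "$sample"
meltdown_status "$sample" /nonexistent /dev/null   # prints: affected
rm -f "$sample"
```

Called with no arguments, `meltdown_status` reads the running system's `/proc/cpuinfo`, sysfs directory and `/proc/cmdline`.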

ycUygB1
Apprentice
Joined: 27 Jul 2005
Posts: 276
Location: Portland, Oregon

Posted: Thu Jan 04, 2018 8:15 pm

CPUFan wrote:

There will be 3 GLSAs about the full solution.

Thanks to grknight from #gentoo for confirming.


Thank you.

Cyker
Veteran
Joined: 15 Jun 2006
Posts: 1746

Posted: Thu Jan 04, 2018 8:16 pm

Wooo! Time for the C64 to RISE AGAIN!!!!! :lol:

EasterParade
l33t
Joined: 26 Jul 2003
Posts: 938

Posted: Thu Jan 04, 2018 8:23 pm

[b]

Last edited by EasterParade on Fri Jan 05, 2018 10:09 pm; edited 1 time in total

Joseph Powers
n00b
Joined: 26 Nov 2017
Posts: 41

Posted: Thu Jan 04, 2018 9:08 pm

Can I patch the Meltdown bug with Gentoo hardened sources?

papas
Tux's lil' helper
Joined: 01 Dec 2014
Posts: 141
Location: Athens

Posted: Thu Jan 04, 2018 9:20 pm

Great news for me: 2 days ago I ordered an i7 8700K just to avoid the AMD segfault.

1clue
Advocate
Joined: 05 Feb 2006
Posts: 2569

Posted: Thu Jan 04, 2018 9:39 pm

It's going to take a while before any fixed hardware reaches the market. First the design needs to be fixed, then it needs to be tested and then boards need to be designed around the newer chips. We're all screwed for a while.

Naib
Watchman
Joined: 21 May 2004
Posts: 6070
Location: Removed by Neddy

Posted: Thu Jan 04, 2018 9:45 pm

1clue wrote:
It's going to take a while before any fixed hardware reaches the market. First the design needs to be fixed, then it needs to be tested and then boards need to be designed around the newer chips. We're all screwed for a while.
You can take the risk with present Ryzen stock & you might be lucky not to pick up with early fab issues OR wait a couple of months and Zen2 is due out
If you want to stick with Intel then sure... might take some time *if* they actually fix it (note they never actually fixed the FPU issue) as they have to gut their entire arch rather than building on it
_________________
#define HelloWorld int
#define Int main()
#define Return printf
#define Print return
#include <stdio.h>
HelloWorld Int {
Return("Hello, world!\n");
Print 0;
}

1clue
Advocate
Joined: 05 Feb 2006
Posts: 2569

Posted: Thu Jan 04, 2018 9:52 pm

Naib wrote:
1clue wrote:
It's going to take a while before any fixed hardware reaches the market. First the design needs to be fixed, then it needs to be tested and then boards need to be designed around the newer chips. We're all screwed for a while.
You can take the risk with present Ryzen stock & you might be lucky not to pick up with early fab issues OR wait a couple of months and Zen2 is due out
If you want to stick with Intel then sure... might take some time *if* they actually fix it (note they never actually fixed the FPU issue) as they have to gut their entire arch rather than building on it


FWIW I'm sticking with Intel.

The idea that they don't fix this is insane. The FPU issue was a minor irritant with an easy software fix. This decimates the security or speed of their entire processor line for the last 15 years.

gengreen
Apprentice
Joined: 23 Dec 2017
Posts: 150

Posted: Thu Jan 04, 2018 10:28 pm

Better to turn off JavaScript directly in about:config than to use some plugins.

javascript is a general USE flag; I will put it in my make.conf (-javascript).

It's better than nothing...

roki942
Apprentice
Joined: 18 Apr 2005
Posts: 285
Location: Seattle

Posted: Thu Jan 04, 2018 10:30 pm

Came across these:
"We translated Intel's crap attempt to spin its way out of CPU security bug PR nightmare" http://www.theregister.co.uk/2018/01/04/intel_meltdown_spectre_bugs_the_registers_annotations/
"Azure VMs borked following Meltdown patch, er, meltdown" https://www.theregister.co.uk/2018/01/04/azure_vms_down_following_meltdown_patch/

luiztux
n00b
Joined: 31 Aug 2015
Posts: 27
Location: /usr/portage/distfiles

Posted: Thu Jan 04, 2018 11:17 pm

Who knows now is the chance of Open Source Hardware gaining momentum? Or live like Stallman ... :roll:

The Main Man
Veteran
Joined: 27 Nov 2014
Posts: 1171
Location: /run/user/1000

Posted: Thu Jan 04, 2018 11:29 pm

eccerr0r wrote:
Anyone have the PoC code, and whether disabling L1/L2 caches would mitigate the problem?


PoC code :
http://cxsecurity.com/issue/WLB-2018010039

Naib
Watchman
Joined: 21 May 2004
Posts: 6070
Location: Removed by Neddy

Posted: Thu Jan 04, 2018 11:35 pm

https://www.bleepingcomputer.com/news/security/mozilla-confirms-web-based-execution-vector-for-meltdown-and-spectre-attacks/
_________________
#define HelloWorld int
#define Int main()
#define Return printf
#define Print return
#include <stdio.h>
HelloWorld Int {
Return("Hello, world!\n");
Print 0;
}

The Main Man
Veteran
Joined: 27 Nov 2014
Posts: 1171
Location: /run/user/1000

Posted: Thu Jan 04, 2018 11:52 pm

It's easier to copy the PoC code from here instead of the link I posted above:
https://github.com/Eugnis/spectre-attack

Anyway, I've executed this code on 4.14.11-gentoo-r2 with cpu_insecure and got this :
Code:
$ ./a.out
Putting 'The Magic Words are Squeamish Ossifrage.' in memory
Reading 40 bytes:
zsh: illegal hardware instruction  ./a.out


Would be interesting to see the result on a non-patched system but I can't do it atm.

gengreen
Apprentice
Joined: 23 Dec 2017
Posts: 150

Posted: Fri Jan 05, 2018 12:37 am

https://paste.pound-python.org/show/X9OyOjgzkEMCgOKMTwTc/

The Main Man
Veteran
Joined: 27 Nov 2014
Posts: 1171
Location: /run/user/1000

Posted: Fri Jan 05, 2018 12:46 am

gengreen wrote:
https://paste.pound-python.org/show/X9OyOjgzkEMCgOKMTwTc/


Interesting, so the code actually works. On a patched or non-patched system?
I just had to try it, and on the same machine I have another Gentoo installation that hasn't been updated in a while (a couple of months), and I get the same result (zsh: illegal hardware instruction ./a.out). I thought maybe it's zsh, so I tried to execute it in bash, but I got the same thing. Maybe I'm doing something wrong; I've compiled the source with "gcc Source.c".

All times are GMT
Page 3 of 23