On Thu, 4 Jan 2018, Guest, Darren wrote:

> Not sure if people have seen that attached article or heard of the 'intel'
> chip issues from elsewhere:
> https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

The defect is that crafted code can cause hardware-based 'speculative' execution to fetch into a cache from memory without checking (lower application level) ACL rights, but then NOT be on the 'effective' execution path followed.

If the code path WERE on the followed execution path, ACLs would be applied, and an access fault raised. These exploits [at least three modalities have been identified so far] permit bypass of such checks.

The 'fetched', and possibly sensitive, matter remains in the cache, however. Then the contents in the cache are 'harvested' and able to be exfiltrated.

As the exploited interaction is between what hardware _can_ do, and what the OS / kernel / libraries think the hardware SHOULD do, it is not at all clear that this will not be a broader bug than presently known.

my $0.02, but I don't see a hole in the reasoning on how to extend it

-- Russ herrold
