Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit

To: debian-italian@lists.debian.org
Subject: Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
From: Felipe Salvador <felipe.salvador@gmail.com>
Date: Wed, 3 Jan 2018 19:45:17 +0100
Message-id: <[🔎] 20180103184517.ftzshzkqdpsjbhwf@gnurante>
Mail-followup-to: debian-italian@lists.debian.org
In-reply-to: <[🔎] 5841ffdc-0cce-89bf-15e6-55e4c0d697a8@gmail.com>
References: <6b3d9754ebe82451687f6c53d48deefc@ssl.ombos.raceme.org> <[🔎] 5841ffdc-0cce-89bf-15e6-55e4c0d697a8@gmail.com>

On Wed, Jan 03, 2018 at 01:42:40PM +0100, Davide Prina wrote:
> giro a tutti questa notizia (per chi non è iscritto alla lista
> security o gli è sfuggita).
> 
> Sunto sintetico: è stato scoperto un bug "hardware" nei processori
> intel (prodotti almeno negli ultimi 10 anni) che permette ad un
> attaccante di accedere ad aree di memoria protetta. Questo bug non può
> essere corretto con un aggiornamento del microcode intel. È stata
> creata una patch software per Linux che isola la memoria e impedisce
> lo sfruttamento del bug. I processori AMD non sono affetti dal bug.

10 anni, sarà mica una feature?

> Punti negativi: la patch sarà applicata a Linux e sarà attiva per
> tutti i processori (compresi AMD).

I processori AMD non sono affetti da questo problema, il workaround è
disabilitato per tutte le CPU x86 AMD.

https://lkml.org/lkml/2018/1/3/425

> Le prestazioni del PC dopo
> l'applicazione della patch potrebbero essere mediamente inferiori del
> 30% ("du -s" sarà il 50% più lento) :-((((
> 
> Ciao
> Davide
> 
> -------- Forwarded Message --------
> Subject: Huge Intel CPU Bug Allegedly Causes Kernel Memory
> Vulnerability With  Up To 30% Performance Hit
> Resent-Date: Wed,  3 Jan 2018 10:53:08 +0000 (UTC)
> Resent-From: debian-security@lists.debian.org
> Date: Wed, 03 Jan 2018 11:43:40 +0100
> From: Vincent Deffontaines <vincent@gryzor.com>
> To: debian-security@lists.debian.org
> 
> Greetings,
> 
> And happy new year.
> 
> This is hitting all of us soon.
> In short : a huge (and long lasting) hardware bug, present in about
> all Intel CPUs that have been sold for the last 10 years.
> It is not fixable by microcode, and requires ugly patching from the
> kernel layer. Other OSes such as Microsoft are concerned as well.
> 
> Nice overview of the thing :
> https://hothardware.com/news/intel-cpu-bug-kernel-memory-isolation-linux-windows-macos
> 
> More detail :
> http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table
> 
> Linus' patch :
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf
> 
> 
> Vincent Deffontaines
> 
> 
> 
> -- 
> Dizionari: http://linguistico.sourceforge.net/wiki
> Sistema operativo: http://www.debian.org
> GNU/Linux User: 302090: http://counter.li.org
> Non autorizzo la memorizzazione del mio indirizzo su outlook

-- 
Felipe Salvador

Reply to:

Follow-Ups:
- Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
  - From: Mauro <mauro@teppisti.it>

References:
- Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
  - From: Davide Prina <davide.prina@gmail.com>

Prev by Date: Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
Next by Date: Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
Previous by thread: Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
Next by thread: Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
Index(es):
- Date
- Thread