Date: Sun, 7 Jan 2018 15:14:10 +0100
From: Borislav Petkov
To: Willy Tarreau
Cc: Dave Hansen, Thomas Gleixner, Jon Masters, "Woodhouse, David", Paolo Bonzini, Alan Cox, Linus Torvalds, Andi Kleen, Greg Kroah-Hartman, Tim Chen, Linux Kernel Mailing List, Jeff Law, Nick Clifton
Subject: Re: Avoid speculative indirect calls in kernel
Message-ID: <20180107141410.d6xd573s436ma5kz@pd.tnic>
In-Reply-To: <20180105071333.GA4029@1wt.eu>

On Fri, Jan 05, 2018 at 08:13:33AM +0100, Willy Tarreau wrote:
> I'm not fond of running the mitigations, but given that a few sysops can
> connect to the machine to collect stats or counters, I think it would be
> better to ensure these people can't happily play with the exploits to
> dump stuff they shouldn't have access to.

So if someone exploits the "trusted" process, and then dumps all memory,
you have practically lost.

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.