Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp532644imm; Fri, 1 Jun 2018 05:28:23 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKP0lVpOCx/Vyq1aKVbyM155lDcOq167mlySrZBNEvr66BT9jlCHV4h5AUgU1jr+iQmKREU X-Received: by 2002:a17:902:d706:: with SMTP id w6-v6mr11061403ply.142.1527856103057; Fri, 01 Jun 2018 05:28:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527856103; cv=none; d=google.com; s=arc-20160816; b=tY8dDyTiv3pCzwIBrxZ11ZMAOOD+K6/CH929Z82yP9nv84idw+2l6hPIglS1PcLcLa E3JKab4CH5n2I4dxpm4/vZl5HA5dk9+qbH+B5+f5WhyK5WlPfRxlksMjHeQq9m76K3Gr dOxFwNrfyyXOoWSFZ+D5zu80StVpc6BS/8UpwZKl6oZS/7ygQAVLcm/i0/Ut2SB5fmBg uMDeq6im/cle+HQV8mDS+F9bzkjMGNNZu8j4EYOI1BKDtnMUrD6qiT0dBfqCr0Worm5Z s9xg/8UY6U/97PXsWmDDjvSs4x0+lwZt55DBfJUWtclI1K8pLknUsiQ9UdUL+q7Vd7+a J0hw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:mime-version:user-agent:date:message-id:subject :from:to:arc-authentication-results; bh=VbX3u4i0ReK/k7VZPnP6j0LDj6FmQpwreP/MK7ptCUQ=; b=fBrOLE5PvOkZRCET2pvr/gxkc65jR0UYPi89oUs7zzAsB2TTj7WTIOBBu8qsJBgkYb sNRcn10ehocLfyYL4JUJxKTf53/vH2IUdoA1lDLRqL0q3M8SM191xLahA2N4XuscYlPI CIplOYWE7iZpzpmKGi/X0h6w2nn7IUCZwsv8l6jCMKPywbKTCbW7kwzhTHmhQ7FF8ccM zxu65mFh+Ngy6OrYe+vvbz0kCI1M9U5DoYLFq4f7+26d6DAvZF2p++KLtKbjnY22mBzr FazP5sAemz4Xld328t97lC7U67Ez10Ik0n7pwGSV1XHJE2b/LMnSrPCRCuDmiBYnaaQF U7ag== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g2-v6si15048064pgq.161.2018.06.01.05.28.08; Fri, 01 Jun 2018 05:28:23 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751858AbeFAM1m (ORCPT + 99 others); Fri, 1 Jun 2018 08:27:42 -0400 Received: from mout2.freenet.de ([195.4.92.92]:46282 "EHLO mout2.freenet.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750790AbeFAM1k (ORCPT ); Fri, 1 Jun 2018 08:27:40 -0400 X-Greylist: delayed 357 seconds by postgrey-1.27 at vger.kernel.org; Fri, 01 Jun 2018 08:27:40 EDT Received: from [195.4.92.140] (helo=mjail0.freenet.de) by mout2.freenet.de with esmtpa (ID andihartmann@freenet.de) (port 25) (Exim 4.90_1 #2) id 1fOj3u-0006Qc-Ic for linux-kernel@vger.kernel.org; Fri, 01 Jun 2018 14:21:42 +0200 Received: from [::1] (port=54382 helo=mjail0.freenet.de) by mjail0.freenet.de with esmtpa (ID andihartmann@freenet.de) (Exim 4.90_1 #2) id 1fOj3u-0006GR-Ed for linux-kernel@vger.kernel.org; Fri, 01 Jun 2018 14:21:42 +0200 Received: from mx15.freenet.de ([195.4.92.25]:46294) by mjail0.freenet.de with esmtpa (ID andihartmann@freenet.de) (Exim 4.90_1 #2) id 1fOj1l-0001Ax-Ch for linux-kernel@vger.kernel.org; Fri, 01 Jun 2018 14:19:29 +0200 Received: from p200300de53d71800505400fffe15ac42.dip0.t-ipconnect.de ([2003:de:53d7:1800:5054:ff:fe15:ac42]:43396 helo=mail.maya.org) by mx15.freenet.de with esmtpsa (ID andihartmann@freenet.de) (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (port 465) (Exim 4.90_1 #2) id 1fOj1l-0001OE-7R for linux-kernel@vger.kernel.org; Fri, 01 Jun 2018 14:19:29 +0200 Received: internal info suppressed To: LKML From: Andreas Hartmann Subject: Spectre mitigation doesn't seem to work at all?! Message-ID: <141672d1-8dcb-9a84-7f8f-60c7a2c58b07@01019freenet.de> Date: Fri, 1 Jun 2018 14:19:38 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.7 required=5.0 tests=ALL_TRUSTED,PLING_QUERY autolearn=no autolearn_force=no version=3.4.0 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mail.maya.org X-Spam-score: -2.6 X-Spamreport: Action: no action Symbol: FROM_HAS_DN(0.00) Symbol: RCVD_TLS_ALL(0.00) Symbol: FROM_EQ_ENVFROM(0.00) Symbol: TO_MATCH_ENVRCPT_ALL(0.00) Symbol: SUBJECT_ENDS_EXCLAIM(0.00) Symbol: NEURAL_HAM(-2.51) Symbol: RCVD_VIA_SMTP_AUTH(0.00) Symbol: RCPT_COUNT_ONE(0.00) Symbol: MIME_GOOD(-0.10) Symbol: TO_DN_ALL(0.00) Symbol: RCVD_COUNT_TWO(0.00) Symbol: SUBJECT_HAS_QUESTION(0.00) Symbol: MID_RHS_MATCH_FROM(0.00) Symbol: ASN(0.00) Message-ID: 141672d1-8dcb-9a84-7f8f-60c7a2c58b07@01019freenet.de X-FN-Spambar: X-Originated-At: 2003:de:53d7:1800:5054:ff:fe15:ac42!43396 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello! I tested the spectre mitigation of different machines and kernels with https://github.com/crozone/SpectrePoC You can see the results below. My question: Did I miss something? My expectation was, that on base of the output of /sys/devices/system/cpu/vulnerabilities/spectre_v* as shown below the problem should be gone away. But the results seem to tell me something other ... . Thanks Andreas ---------------------------------------------------------------------------------------------------------------------- CPU: AMD Ryzen 7 1700X Eight-Core Processor Bios: BIOS 4011 04/19/2018 - ibpb is listed in /proc/cpuinfo Kernel: 4.14.44-1.1-default cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 Mitigation: Full AMD retpoline, IBPB cat /sys/devices/system/cpu/vulnerabilities/spectre_v1 Mitigation: __user pointer sanitization ./spectre.out Using a cache hit threshold of 80. Build: RDTSCP_SUPPORTED MFENCE_SUPPORTED CLFLUSH_SUPPORTED INTEL_MITIGATION_DISABLED LINUX_KERNEL_MITIGATION_DISABLED Reading 40 bytes: Reading at malicious_x = 0xffffffffffdfec18... Success: 0x54=’T’ score=2 Reading at malicious_x = 0xffffffffffdfec19... Success: 0x68=’h’ score=2 Reading at malicious_x = 0xffffffffffdfec1a... Success: 0x65=’e’ score=2 Reading at malicious_x = 0xffffffffffdfec1b... Success: 0x20=’ ’ score=2 Reading at malicious_x = 0xffffffffffdfec1c... Success: 0x4D=’M’ score=2 Reading at malicious_x = 0xffffffffffdfec1d... Success: 0x61=’a’ score=2 Reading at malicious_x = 0xffffffffffdfec1e... Success: 0x67=’g’ score=2 Reading at malicious_x = 0xffffffffffdfec1f... Success: 0x69=’i’ score=2 Reading at malicious_x = 0xffffffffffdfec20... Success: 0x63=’c’ score=2 Reading at malicious_x = 0xffffffffffdfec21... Success: 0x20=’ ’ score=2 Reading at malicious_x = 0xffffffffffdfec22... Success: 0x57=’W’ score=2 Reading at malicious_x = 0xffffffffffdfec23... Success: 0x6F=’o’ score=2 Reading at malicious_x = 0xffffffffffdfec24... Success: 0x72=’r’ score=2 Reading at malicious_x = 0xffffffffffdfec25... Success: 0x64=’d’ score=2 Reading at malicious_x = 0xffffffffffdfec26... Success: 0x73=’s’ score=2 Reading at malicious_x = 0xffffffffffdfec27... Success: 0x20=’ ’ score=2 Reading at malicious_x = 0xffffffffffdfec28... Success: 0x61=’a’ score=2 Reading at malicious_x = 0xffffffffffdfec29... Success: 0x72=’r’ score=2 Reading at malicious_x = 0xffffffffffdfec2a... Success: 0x65=’e’ score=2 Reading at malicious_x = 0xffffffffffdfec2b... Success: 0x20=’ ’ score=2 Reading at malicious_x = 0xffffffffffdfec2c... Success: 0x53=’S’ score=2 Reading at malicious_x = 0xffffffffffdfec2d... Success: 0x71=’q’ score=2 Reading at malicious_x = 0xffffffffffdfec2e... Success: 0x75=’u’ score=2 Reading at malicious_x = 0xffffffffffdfec2f... Success: 0x65=’e’ score=2 Reading at malicious_x = 0xffffffffffdfec30... Success: 0x61=’a’ score=2 Reading at malicious_x = 0xffffffffffdfec31... Success: 0x6D=’m’ score=2 Reading at malicious_x = 0xffffffffffdfec32... Success: 0x69=’i’ score=2 Reading at malicious_x = 0xffffffffffdfec33... Success: 0x73=’s’ score=2 Reading at malicious_x = 0xffffffffffdfec34... Success: 0x68=’h’ score=2 Reading at malicious_x = 0xffffffffffdfec35... Success: 0x20=’ ’ score=2 Reading at malicious_x = 0xffffffffffdfec36... Success: 0x4F=’O’ score=2 Reading at malicious_x = 0xffffffffffdfec37... Success: 0x73=’s’ score=2 Reading at malicious_x = 0xffffffffffdfec38... Success: 0x73=’s’ score=2 Reading at malicious_x = 0xffffffffffdfec39... Success: 0x69=’i’ score=2 Reading at malicious_x = 0xffffffffffdfec3a... Success: 0x66=’f’ score=2 Reading at malicious_x = 0xffffffffffdfec3b... Success: 0x72=’r’ score=2 Reading at malicious_x = 0xffffffffffdfec3c... Success: 0x61=’a’ score=2 Reading at malicious_x = 0xffffffffffdfec3d... Success: 0x67=’g’ score=2 Reading at malicious_x = 0xffffffffffdfec3e... Success: 0x65=’e’ score=2 Reading at malicious_x = 0xffffffffffdfec3f... Success: 0x2E=’.’ score=2 ---------------------------------------------------------------------------------------------------------------------- CPU: AMD G-T40E Processor Kernel: 4.14.44-1.el6.x86_64 cat /sys/devices/system/cpu/vulnerabilities/spectre_v1 Mitigation: __user pointer sanitization cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 Mitigation: Full AMD retpoline ./spectre.out 130 Using a cache hit threshold of 130. Build: RDTSCP_SUPPORTED MFENCE_SUPPORTED CLFLUSH_SUPPORTED INTEL_MITIGATION_DISABLED LINUX_KERNEL_MITIGATION_DISABLED Reading 40 bytes: Reading at malicious_x = 0xffffffffffdfebf0... Unclear: 0x54=’T’ score=999 (second best: 0x00=’?’ score=992) Reading at malicious_x = 0xffffffffffdfebf1... Unclear: 0x68=’h’ score=996 (second best: 0x00=’?’ score=988) Reading at malicious_x = 0xffffffffffdfebf2... Unclear: 0x65=’e’ score=999 (second best: 0x00=’?’ score=985) Reading at malicious_x = 0xffffffffffdfebf3... Unclear: 0x20=’ ’ score=997 (second best: 0x00=’?’ score=989) Reading at malicious_x = 0xffffffffffdfebf4... Unclear: 0x4D=’M’ score=999 (second best: 0x00=’?’ score=993) Reading at malicious_x = 0xffffffffffdfebf5... Unclear: 0x61=’a’ score=998 (second best: 0x00=’?’ score=991) Reading at malicious_x = 0xffffffffffdfebf6... Unclear: 0x67=’g’ score=996 (second best: 0x00=’?’ score=988) Reading at malicious_x = 0xffffffffffdfebf7... Unclear: 0x69=’i’ score=998 (second best: 0x00=’?’ score=987) Reading at malicious_x = 0xffffffffffdfebf8... Unclear: 0x63=’c’ score=999 (second best: 0x00=’?’ score=989) Reading at malicious_x = 0xffffffffffdfebf9... Unclear: 0x20=’ ’ score=999 (second best: 0x00=’?’ score=989) Reading at malicious_x = 0xffffffffffdfebfa... Unclear: 0x57=’W’ score=998 (second best: 0x5B=’[’ score=985) Reading at malicious_x = 0xffffffffffdfebfb... Unclear: 0x6F=’o’ score=998 (second best: 0x00=’?’ score=988) Reading at malicious_x = 0xffffffffffdfebfc... Unclear: 0x00=’?’ score=985 (second best: 0xF7=’?’ score=942) Reading at malicious_x = 0xffffffffffdfebfd... Unclear: 0x64=’d’ score=999 (second best: 0x00=’?’ score=990) Reading at malicious_x = 0xffffffffffdfebfe... Unclear: 0x73=’s’ score=998 (second best: 0x00=’?’ score=984) Reading at malicious_x = 0xffffffffffdfebff... Unclear: 0x20=’ ’ score=998 (second best: 0x00=’?’ score=985) Reading at malicious_x = 0xffffffffffdfec00... Unclear: 0x61=’a’ score=999 (second best: 0x00=’?’ score=984) Reading at malicious_x = 0xffffffffffdfec01... Unclear: 0x72=’r’ score=999 (second best: 0x00=’?’ score=986) Reading at malicious_x = 0xffffffffffdfec02... Unclear: 0x65=’e’ score=998 (second best: 0x00=’?’ score=980) Reading at malicious_x = 0xffffffffffdfec03... Unclear: 0x20=’ ’ score=998 (second best: 0x00=’?’ score=992) Reading at malicious_x = 0xffffffffffdfec04... Unclear: 0x53=’S’ score=997 (second best: 0x50=’P’ score=990) Reading at malicious_x = 0xffffffffffdfec05... Unclear: 0x71=’q’ score=998 (second best: 0x00=’?’ score=984) Reading at malicious_x = 0xffffffffffdfec06... Unclear: 0x75=’u’ score=999 (second best: 0x72=’r’ score=976) Reading at malicious_x = 0xffffffffffdfec07... Unclear: 0x65=’e’ score=999 (second best: 0x00=’?’ score=988) Reading at malicious_x = 0xffffffffffdfec08... Unclear: 0x61=’a’ score=999 (second best: 0x00=’?’ score=986) Reading at malicious_x = 0xffffffffffdfec09... Unclear: 0x6D=’m’ score=999 (second best: 0x00=’?’ score=987) Reading at malicious_x = 0xffffffffffdfec0a... Unclear: 0x69=’i’ score=998 (second best: 0x00=’?’ score=987) Reading at malicious_x = 0xffffffffffdfec0b... Unclear: 0x73=’s’ score=984 (second best: 0x00=’?’ score=974) Reading at malicious_x = 0xffffffffffdfec0c... Unclear: 0x00=’?’ score=991 (second best: 0xB4=’?’ score=933) Reading at malicious_x = 0xffffffffffdfec0d... Unclear: 0x20=’ ’ score=999 (second best: 0x00=’?’ score=986) Reading at malicious_x = 0xffffffffffdfec0e... Unclear: 0x4F=’O’ score=998 (second best: 0x50=’P’ score=991) Reading at malicious_x = 0xffffffffffdfec0f... Unclear: 0x73=’s’ score=999 (second best: 0x00=’?’ score=987) Reading at malicious_x = 0xffffffffffdfec10... Unclear: 0x73=’s’ score=998 (second best: 0x00=’?’ score=971) Reading at malicious_x = 0xffffffffffdfec11... Unclear: 0x69=’i’ score=999 (second best: 0x00=’?’ score=980) Reading at malicious_x = 0xffffffffffdfec12... Unclear: 0x66=’f’ score=998 (second best: 0x00=’?’ score=978) Reading at malicious_x = 0xffffffffffdfec13... Unclear: 0x72=’r’ score=995 (second best: 0x00=’?’ score=981) Reading at malicious_x = 0xffffffffffdfec14... Unclear: 0x61=’a’ score=996 (second best: 0x00=’?’ score=971) Reading at malicious_x = 0xffffffffffdfec15... Unclear: 0x67=’g’ score=999 (second best: 0x00=’?’ score=975) Reading at malicious_x = 0xffffffffffdfec16... Unclear: 0x65=’e’ score=999 (second best: 0x00=’?’ score=984) Reading at malicious_x = 0xffffffffffdfec17... Unclear: 0x2E=’.’ score=999 (second best: 0x00=’?’ score=987) --------------------------------------------------------------------------------------------------------------------- CPU: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz Kernel: 4.16.5-13.1-default cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 Mitigation: Full generic retpoline cat /sys/devices/system/cpu/vulnerabilities/spectre_v1 Mitigation: __user pointer sanitization ./spectre.out Using a cache hit threshold of 80. Build: RDTSCP_SUPPORTED MFENCE_SUPPORTED CLFLUSH_SUPPORTED INTEL_MITIGATION_DISABLED LINUX_KERNEL_MITIGATION_DISABLED Reading 40 bytes: Reading at malicious_x = 0xffffffffffdfebe8... Success: 0x54=’T’ score=2 Reading at malicious_x = 0xffffffffffdfebe9... Success: 0x68=’h’ score=2 Reading at malicious_x = 0xffffffffffdfebea... Success: 0x65=’e’ score=2 Reading at malicious_x = 0xffffffffffdfebeb... Success: 0x20=’ ’ score=7 (second best: 0x21=’!’ score=1) Reading at malicious_x = 0xffffffffffdfebec... Success: 0x4D=’M’ score=2 Reading at malicious_x = 0xffffffffffdfebed... Success: 0x61=’a’ score=2 Reading at malicious_x = 0xffffffffffdfebee... Success: 0x67=’g’ score=2 Reading at malicious_x = 0xffffffffffdfebef... Success: 0x69=’i’ score=7 (second best: 0xB2=’?’ score=1) Reading at malicious_x = 0xffffffffffdfebf0... Success: 0x63=’c’ score=2 Reading at malicious_x = 0xffffffffffdfebf1... Success: 0x20=’ ’ score=2 Reading at malicious_x = 0xffffffffffdfebf2... Success: 0x57=’W’ score=2 Reading at malicious_x = 0xffffffffffdfebf3... Success: 0x6F=’o’ score=2 Reading at malicious_x = 0xffffffffffdfebf4... Success: 0x72=’r’ score=2 Reading at malicious_x = 0xffffffffffdfebf5... Success: 0x64=’d’ score=2 Reading at malicious_x = 0xffffffffffdfebf6... Success: 0x73=’s’ score=2 Reading at malicious_x = 0xffffffffffdfebf7... Success: 0x20=’ ’ score=2 Reading at malicious_x = 0xffffffffffdfebf8... Success: 0x61=’a’ score=2 Reading at malicious_x = 0xffffffffffdfebf9... Success: 0x72=’r’ score=7 (second best: 0x22=’"’ score=1) Reading at malicious_x = 0xffffffffffdfebfa... Success: 0x65=’e’ score=2 Reading at malicious_x = 0xffffffffffdfebfb... Success: 0x20=’ ’ score=2 Reading at malicious_x = 0xffffffffffdfebfc... Success: 0x53=’S’ score=2 Reading at malicious_x = 0xffffffffffdfebfd... Success: 0x71=’q’ score=2 Reading at malicious_x = 0xffffffffffdfebfe... Success: 0x75=’u’ score=2 Reading at malicious_x = 0xffffffffffdfebff... Success: 0x65=’e’ score=2 Reading at malicious_x = 0xffffffffffdfec00... Success: 0x61=’a’ score=2 Reading at malicious_x = 0xffffffffffdfec01... Success: 0x6D=’m’ score=2 Reading at malicious_x = 0xffffffffffdfec02... Success: 0x69=’i’ score=2 Reading at malicious_x = 0xffffffffffdfec03... Success: 0x73=’s’ score=2 Reading at malicious_x = 0xffffffffffdfec04... Success: 0x68=’h’ score=2 Reading at malicious_x = 0xffffffffffdfec05... Success: 0x20=’ ’ score=2 Reading at malicious_x = 0xffffffffffdfec06... Success: 0x4F=’O’ score=2 Reading at malicious_x = 0xffffffffffdfec07... Success: 0x73=’s’ score=2 Reading at malicious_x = 0xffffffffffdfec08... Success: 0x73=’s’ score=2 Reading at malicious_x = 0xffffffffffdfec09... Success: 0x69=’i’ score=2 Reading at malicious_x = 0xffffffffffdfec0a... Success: 0x66=’f’ score=2 Reading at malicious_x = 0xffffffffffdfec0b... Success: 0x72=’r’ score=2 Reading at malicious_x = 0xffffffffffdfec0c... Success: 0x61=’a’ score=2 Reading at malicious_x = 0xffffffffffdfec0d... Success: 0x67=’g’ score=7 (second best: 0x42=’B’ score=1) Reading at malicious_x = 0xffffffffffdfec0e... Success: 0x65=’e’ score=2 Reading at malicious_x = 0xffffffffffdfec0f... Success: 0x2E=’.’ score=2