Date: Mon, 4 Jun 2018 10:19:31 +0100
From: Mark Rutland
To: Andreas Hartmann
Cc: Peter Zijlstra, LKML
Subject: Re: Spectre mitigation doesn't seem to work at all?!

On Mon, Jun 04, 2018 at 10:50:07AM +0200, Andreas Hartmann wrote:
> Hello Peter,
>
> thanks for your answer! I appreciate it!
>
> On 06/04/2018 at 10:15 AM Peter Zijlstra wrote:
> > On Fri, Jun 01, 2018 at 02:19:38PM +0200, Andreas Hartmann wrote:
> >
> >> I tested the spectre mitigation of different machines and kernels with
> >> https://github.com/crozone/SpectrePoC
> >>
> >> You can see the results below.
> >
> >> My question: Did I miss something?
> >
> > Yes.
> >
> >> Build: ... INTEL_MITIGATION_DISABLED LINUX_KERNEL_MITIGATION_DISABLED
> >> Build: ... INTEL_MITIGATION_DISABLED LINUX_KERNEL_MITIGATION_DISABLED
> >> Build: ... INTEL_MITIGATION_DISABLED LINUX_KERNEL_MITIGATION_DISABLED
> >
> > ^^^^^^^^ ^^^^^^^^
> >
> > The POC is a v1 on itself. V1 needs to be fixed for every individual
> > executable (worse, for every individual location in the code, and we're
> > still finding them). The kernel mitigation status for v1 only indicates
> > the kernel itself has mitigations (for some locations).
> >
> > The POC is meant to test effectiveness of these mitigations, either the
> > original LFENCE or the dependent instruction thing, but you have to
> > enable one or the other.
>
> Ok, this means every program running on the machine has to care itself
> to be spectre v1 - safe.

Correct. Primarily this matters for things like JITs, where untrusted
code may be run in the same address space as sensitive data.

> A malicious program most probably won't care about that. Therefore, my
> next question is: which memory regions can be exploited by a malicious
> program? The complete physical memory or only the memory provided to the
> malicious program? Should be the latter if this approach should have any
> impact.

Assuming you have a CPU which is not vulnerable to meltdown / variant-3,
or you have mitigated this, (e.g. with KPTI), a malicious program can
only access data within its own address space.

Spectre variant-1 alone only gives access to memory in the address space
of the program itself.

Thanks,
Mark.
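
Added example, not part of the original thread and not code from the PoC or the kernel: the per-location variant-1 fix discussed above, in its "dependent instruction" form, where the index is clamped by a branch-free mask so that a mispredicted bounds check still cannot produce an out-of-bounds address. The names index_mask_nospec, read_checked, read_hardened and the table are hypothetical; the mask uses the same arithmetic as the kernel's generic array_index_mask_nospec() and assumes GCC or Clang.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>

#define TABLE_LEN 16UL

/* Constructed sample data standing in for a table indexed by untrusted input. */
static const uint8_t table[TABLE_LEN] = {
    10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
};

/* Returns all-ones when idx < size and zero otherwise, without a branch. */
static unsigned long index_mask_nospec(unsigned long idx, unsigned long size)
{
    /* Hide idx from the optimizer so the mask is not folded away inside
     * an already bounds-checked branch (GCC/Clang extension). */
    __asm__ volatile("" : "+r"(idx));
    /* The top bit of (idx | (size - 1 - idx)) is set exactly when
     * idx >= size (for size <= LONG_MAX). Invert it and sign-extend it
     * across the word; relies on arithmetic right shift of signed long. */
    return (unsigned long)(~(long)(idx | (size - 1UL - idx))
                           >> (sizeof(long) * CHAR_BIT - 1));
}

/* Architecturally correct, but a mispredicted branch can still load
 * table[idx] speculatively with an out-of-range idx. */
static uint8_t read_checked(size_t idx)
{
    if (idx < TABLE_LEN)
        return table[idx];
    return 0;
}

/* Same check, plus a data dependency: under misprediction the mask is
 * zero, so the speculative load is forced to table[0]. */
static uint8_t read_hardened(size_t idx)
{
    if (idx < TABLE_LEN) {
        idx &= index_mask_nospec(idx, TABLE_LEN);
        return table[idx];
    }
    return 0;
}
```

Every bounds-checked access driven by untrusted input needs this treatment individually, which is why the fix is per executable and per code location.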