Displaying 20 results from an estimated 20000 matches similar to: "Status of Intel JCC Mitigations and Next Steps"
2020 Mar 25
3
Status of Intel JCC Mitigations and Next Steps
FWIW I'm with Eli here if you need any more data points.
-eric
On Tue, Mar 24, 2020 at 8:21 PM Eli Friedman via llvm-dev <
llvm-dev at lists.llvm.org> wrote:
> Changing the length of a sequence of assembly instructions will break
> someone’s code at some point. The length of a sequence of instructions is
> known, in general, and people will write code to take advantage of
2020 Mar 25
2
Status of Intel JCC Mitigations and Next Steps
I agree we shouldn’t try to guess what the user is trying to do. There shouldn’t be an unbounded set of heuristic rules; “documented” implies some sort of promise of stability in addition to the actual text in the manual. And we shouldn’t try to guess whether the user’s code cares about the length of a specific instruction.
I think you’re creating a false dichotomy here, though. There’s some
2020 Feb 28
5
A Propeller link (similar to a Thin Link as used by ThinLTO)?
I met with the Propeller team today (we work for the same company but it
was my first time meeting two members on the team:) ).
One thing I have been reassured:
* There is no general disassembly work. General
disassembly work would assuredly frighten off developers. (Inherently
unreliable, memory usage heavy and difficult to deal with CFI, debug
information, etc)
Minimal amount of plumbing work
2019 Dec 04
2
Discuss about the LLVM SW mitigation to Jump Conditional Code Erratum
I will reply those comments tomorrow.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20191204/f1111299/attachment.html>
2018 Feb 06
2
add Spectre variant 2 mitigations
On 6 February 2018 at 20:09, David Newall <openssh at davidnewall.com> wrote:
> Do we need to do anything? It's not clear to me how SSH is vulnerable to
> Spectre -- that is, how SSH can be used to execute a Spectre attack?
I am more concerned with it being the target of a Spectre style
attack. There's some long lived private data (host keys in the case
of sshd, session keys
2019 Jun 12
1
Speculative attack mitigations
Hi folks,
Firstly; apologies in advance for what is a head wrecker of keeping on top of the speculative mitigations and also if this is a duplicate email; my first copy didn't seem to make it into the archive. Also a disclaimer that I may have misunderstood elements of the below but please bear with me.
I write this hoping to find out a bit more about the state of the relevant kernel
2020 Mar 25
2
[RFC] Speculative Execution Side Effect Suppression for Mitigating Load Value Injection
I'm also a bit unclear on that point. I think one input here has to be:
what are some example, existing codebases we want to mitigate, and what
should the user experience be to mitigate them? I don't think we can make
good engineering tradeoffs without having concrete use cases to evaluate.
Another point: it seems some mitigation options have already been added to
the GNU toolchain
2020 Mar 20
2
[RFC] Speculative Execution Side Effect Suppression for Mitigating Load Value Injection
Hi everyone!
I want to clarify the purpose and design of SESES. Thus far, I've
characterized it as an LVI mitigation which is somewhat incorrect.
SESES was built as a "big hammer." It is intended to protect against many
side channel vulnerabilities (Spectre v1, Spectre v4, LVI, etc, etc) even
though it was built in response to LVI.
For folks protecting against LVI, this is an
2020 Aug 07
2
[RFC] Zeroing Caller Saved Regs
On Fri, Aug 7, 2020 at 1:18 AM David Chisnall
<David.Chisnall at cl.cam.ac.uk> wrote:
> I think it would be useful for the discussion to have a clear threat model that this intends to defend against and a rough analysis of the security benefits that this is believed to bring.
I view this as being even more about a ROP defense. Dealing with spill
slots is, IMO, a separate issue, more
2020 Jun 08
2
Mitigating straight-line speculation vulnerability CVE-2020-13844
Hi,
A new speculative cache side-channel vulnerability has been published at
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation,
named "straight-line speculation”, CVE-2020-13844.
In this email, I'd like to explain the toolchain mitigation we've prepared
to mitigate against this vulnerability for AArch64.
2020 Nov 11
1
[RFC] A value-tracking LiveDebugValues implementation
Hi Xiang,
On Wed, Nov 11, 2020 at 1:59 AM Zhang, Xiang1 <xiang1.zhang at intel.com> wrote:
> Jeremy wrote:
> > ... The value %0 is live up to and including the ADD64ri but not past it, meaning LLVM today will drop the DBG_VALUE ...
>
> Just a little puzzle about the " drop the DBG_VALUE ", maybe I didn't get your key point,
>
2018 Mar 16
2
spectre variant 2
Hi all!
I'm running an up-to-date Centos-7 on an AMD Vishera 6300, 6 core CPU.
I note that when I run the redhat script to test for spectre & meltdown
I get this result for variant 2:
Variant #2 (Spectre): Vulnerable
CVE-2017-5715 - speculative execution branch target injection
- Kernel with mitigation patches: OK
- HW support / updated microcode: NO
- IBRS: Not disabled on
2020 Mar 10
2
[RFC] Speculative Execution Side Effect Suppression for Mitigating Load Value Injection
Hi everyone,
Some Intel processors have a newly disclosed vulnerability named Load Value
Injection.
One pager on Load Value Injection:
https://software.intel.com/security-software-guidance/software-guidance/load-value-injection
Deep dive on Load Value Injection:
https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection
I wrote this compiler pass that can
2020 Apr 22
3
[cfe-dev] More verbose -mspeculative-load-hardening
Hi
I think llvm-dev list (CC'ed) have more visibility in this.
On Wed, 22 Apr 2020 at 22:18, milsegv via cfe-dev <cfe-dev at lists.llvm.org>
wrote:
> Hello everyone,
>
> It may not be the best place to ask this but I found nothing on the
> internet about it.
> I'm working on Spectre V1 detection and stumbled upon the mitigation
> provided by clang, the
2018 Aug 06
2
[RFC 0/4] Virtio uses DMA API for all devices
On 08/05/2018 05:54 AM, Michael S. Tsirkin wrote:
> On Fri, Aug 03, 2018 at 08:21:26PM -0500, Benjamin Herrenschmidt wrote:
>> On Fri, 2018-08-03 at 22:08 +0300, Michael S. Tsirkin wrote:
>>>>>> Please go through these patches and review whether this approach broadly
>>>>>> makes sense. I will appreciate suggestions, inputs, comments regarding
2018 Aug 06
2
[RFC 0/4] Virtio uses DMA API for all devices
On 08/05/2018 05:54 AM, Michael S. Tsirkin wrote:
> On Fri, Aug 03, 2018 at 08:21:26PM -0500, Benjamin Herrenschmidt wrote:
>> On Fri, 2018-08-03 at 22:08 +0300, Michael S. Tsirkin wrote:
>>>>>> Please go through these patches and review whether this approach broadly
>>>>>> makes sense. I will appreciate suggestions, inputs, comments regarding
2018 Aug 06
2
[RFC 0/4] Virtio uses DMA API for all devices
On Mon, Aug 06, 2018 at 04:36:43PM +0300, Michael S. Tsirkin wrote:
> On Mon, Aug 06, 2018 at 02:32:28PM +0530, Anshuman Khandual wrote:
> > On 08/05/2018 05:54 AM, Michael S. Tsirkin wrote:
> > > On Fri, Aug 03, 2018 at 08:21:26PM -0500, Benjamin Herrenschmidt wrote:
> > >> On Fri, 2018-08-03 at 22:08 +0300, Michael S. Tsirkin wrote:
> >
2018 Aug 06
2
[RFC 0/4] Virtio uses DMA API for all devices
On Mon, Aug 06, 2018 at 04:36:43PM +0300, Michael S. Tsirkin wrote:
> On Mon, Aug 06, 2018 at 02:32:28PM +0530, Anshuman Khandual wrote:
> > On 08/05/2018 05:54 AM, Michael S. Tsirkin wrote:
> > > On Fri, Aug 03, 2018 at 08:21:26PM -0500, Benjamin Herrenschmidt wrote:
> > >> On Fri, 2018-08-03 at 22:08 +0300, Michael S. Tsirkin wrote:
> >
2018 Feb 05
2
add Spectre variant 2 mitigations
Hi.
Both GCC and clang are adding mitigations for Spectre variant 2 although
neither have yet made a release and neither are on by default.
After trolling through and building release candidate branches for both
I believe this is what is required for the ssh programs (although all
the dependent libraries will also need to be built with mitigations, and
I suspect libcrypto is a more likely
2018 Mar 23
5
RFC: Speculative Load Hardening (a Spectre variant #1 mitigation)
Hello all,
I've been working for the last month or so on a comprehensive mitigation
approach to variant #1 of Spectre. There are a bunch of reasons why this is
desirable:
- Critical software that is unlikely to be easily hand-mitigated (or where
the performance tradeoff isn't worth it) will have a compelling option.
- It gives us a baseline on performance for hand-mitigation.
- Combined