From: Dave Taht
Date: Thu, 4 Jan 2018 13:40:28 -0800
To: "dpreed@deepplum.com"
Cc: Jonathan Morton, cerowrt-devel@lists.bufferbloat.net
Subject: Re: [Cerowrt-devel] KASLR: Do we have to worry about other arches than x86?

On Thu, Jan 4, 2018 at 12:28 PM, dpreed@deepplum.com wrote:
> Depending on how you set up your "home router", you might allow "infected"
> or "trojan" programs to run in userspace there. I wouldn't do that, because
> hardware is cheap. But some people like to throw all kinds of server code
> into their router setups - even stuff like node.js servers.

I do not know if lua-jit is used in lede or openwrt these days, but
since so far as I recall the web server runs as root anyway, once you
have any control of that you are nearly home free in the first place.

> The really core issue with Meltdown at the highest level is that the kernel
> is addressable from userspace, except for the "privilege level" in the page
> table entries. That's a couple of bits between userspace and data that
> userspace isn't supposed to ever see. And those bits are ignored during
> speculative execution's memory accesses.

It is really bad news for cloudy multi-tenant devices, but to a huge
extent that market can more rapidly adapt than anywhere else.

A fear is that millions of formerly high end and insecure chips are in
the pipeline and that they will get dumped into any market that will
take them, which certainly includes IoT. It's hard to imagine
shipments of any of 'em actually stopping for any reason, or being
dumped in the ocean on entrance to the country, like some form of
TwEAk party.

And despite the patches ongoing, it's not clear to me if the door can
ever be completely shut on this past generation of hardware still
deployed, I'm still looking over the interrupt related portions and
scratching my head. Significantly limit, yes, close, no.

I guess I'm hoping for simple patches to the microcode to arrive next
week, even simply stuff to disable the branch predictor or speculative
execution, something simple, slow, and sane.

> -----Original Message-----
> From: "Dave Taht"
> Sent: Thursday, January 4, 2018 9:53am
> To: "Jonathan Morton"
> Cc: cerowrt-devel@lists.bufferbloat.net
> Subject: Re: [Cerowrt-devel] KASLR: Do we have to worry about other arches
> than x86?
>
> On Thu, Jan 4, 2018 at 6:49 AM, Jonathan Morton wrote:
>>> On 4 Jan, 2018, at 3:59 pm, Dave Taht wrote:
>>>
>>> Alan Cox has been doing a good job of finding the good stuff. Power
>>> and the IBM z-series are also affected.
>>
>> Conversely, the ARM-1176, Cortex-A7 and Cortex-A53 cores used by various
>> iterations of the Raspberry Pi are not affected. These are all in-order
>> execution CPUs with short pipelines, and I think they're representative of
>> what you'd want in CPE.
>
> Well, I'd hope that this string of bugs stalls deployment of more
> advanced arches in this space until the speculative execution bugs are
> fully resolved.
>
> (and I *vastly* prefer short pipelines)
>
>> - Jonathan Morton

-- 
Dave Täht
CEO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-669-226-2619