[GIT pull] Slow Randomizing Boosts Denial of Service

Historical speck list archives
 help / color / mirror / Atom feed

From: Thomas Gleixner <tglx@linutronix.de>
To: speck@linutronix.de
Subject: [GIT pull] Slow Randomizing Boosts Denial of Service
Date: Sun, 07 Jun 2020 23:06:34 +0200	[thread overview]
Message-ID: <875zc2bn6t.fsf@nanos.tec.linutronix.de> (raw)

[-- Attachment #1: Type: text/plain, Size: 1058 bytes --]

Subject: [GIT pull] x86/srbds: Special Register Buffer Data Sampling (SRBDS)

Linus,

please pull the x86/srbds branch from:

   git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git x86/srbds

up to: 3798cc4d106e ("x86/speculation: Add Ivy Bridge to affected list")

The 9th episode of the dime novel "The performance killer" with the
subtitle "Slow Randomizing Boosts Denial of Service".

SRBDS is an MDS-like speculative side channel that can leak bits from the
random number generator (RNG) across cores and threads. New microcode
serializes the processor access during the execution of RDRAND and
RDSEED. This ensures that the shared buffer is overwritten before it is
released for reuse.

The mitigation support comes with the usual pile of unpleasent
ingredients:

 - command line options
 - sysfs file
 - microcode checks
 - a list of vulnerable CPUs

Thanks,

        tglx
---
P.S. : The virtual tip branch is attached as bundle, based on
       5.7-rc2 and still merges fine into mainline.

P.P.S: The backports will come in a separate mail.

[-- Attachment #2: srbds-master --]
[-- Type: application/octet-stream, Size: 10841 bytes --]

next             reply	other threads:[~2020-06-07 21:06 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-06-07 21:06 Thomas Gleixner [this message]
2020-06-07 21:13 ` [GIT backports] Slow Randomizing Boosts Denial of Service Thomas Gleixner
2020-06-08 12:41   ` [MODERATED] " Greg KH
2020-06-07 21:19 ` [GIT pull] " Thomas Gleixner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=875zc2bn6t.fsf@nanos.tec.linutronix.de \
    --to=tglx@linutronix.de \
    --cc=speck@linutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).