On Wed, 2018-01-03 at 19:31 -0700, stan wrote: > On Wed, 03 Jan 2018 17:59:11 -0800 > Adam Williamson <adamwill@xxxxxxxxxxxxxxxxx> wrote: > > > On Wed, 2018-01-03 at 17:48 -0800, Adam Williamson wrote: > > > The initial reporting that only Intel CPUs were affected was > > > entirely wrong. > > I think you are conflating exploits. The original exploit, called > meltdown or kaiser or kopti, was only against intel CPUs and exploited > security escalation in speculative execution. Rather, I am not concerning myself with individual exploits with cute names, because that's sort of a silly way to look at things, in my opinion. The actual truth of how this went down - as I understand it - is just not "there was an original exploit and now there's another exploit". The truth is that some folks at Google and later at other places noticed (quite a long time ago - early last year, I believe) that there's a general category of potential exploits against an optimization technique used by most or all modern CPUs, and have since been working to explore the details of exactly how the technique can be exploited on various microarchitectures, and importantly, how it can be *mitigated* on all those microarchitectures. While this was going on - behind a disclosure embargo - The Register got wind of it and published a half-assed story which rather confused one *specific* weaponizable PoC exploit against Intel CPUs which had been developed in the course of this research (and has subsequently been given a cute name and a CVE ID) with the entire *class* of potential exploits, leading to an immediate barrage of reporting along the lines that "the problem" "only affects Intel". This has forced the researchers and kernel devs who were working to deal with this situation to jump through the disclosure and patching process faster and sooner and less completely than they actually intended: from the snatches of chat I've caught, it seems there was an intent to release a rather more comprehensive set of mitigations in perhaps a month's time, with co-ordinated disclosure. If you are, for some reason, only concerned about *one specific exploit* it is technically true to say that that exploit only affects Intel CPUs, but this a rather distorted view of the actual situation, as I understand it. I am happy to be corrected by any folks who've been working on this and are in the know, of course, if I'm wrong. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
