On Mon 2019-03-11 14:05:07, Thomas Gleixner wrote:
> On Mon, 11 Mar 2019, Pavel Machek wrote:
> > On Thu 2019-01-03 00:51:52, Pavel Machek wrote:
> > > Hi!
> > >
> > > > The next round of speculation-related issues including the scary L1TF
> > > > hardware bug was a way more "pleasant" experience to work on. While for
> > > > obvious reasons the mitigation development happened behind closed doors in
> > > > a smaller group of people, we were at least able to collaborate in a way
> > > > which is somehow close to what we are used to.
> > >
> > > Ok, I guess L1TF was a lot of fun, and there was not time for a good
> > > documentation.
> > >
> > > There's admin guide that is written as an advertisment, and
>
> What's advertisement there?
"No problem here, no performance issues, nothing to be seen unless you
are running VM."
> > > unfortunately is slightly "inaccurate" at places (to the point of
> > > lying).
>
> Huch? Care to tell what's a lie instead of making bold statements?
Take a care to look at the patch I submitted?
Lie:
# A system with an up to date kernel is protected against attacks from
# malicious user space applications.
3GB system running 32bit kernel is not protected. Same is true for for
really big 64bit systems.
If I do what dmesg suggests, this becomes untrue:
# The Linux kernel contains a mitigation for this attack vector, PTE
# inversion, which is permanently enabled and has no performance
# impact.
Limiting memory to 2GB _is_ going to have severe perfomance impact.
Pavel
commit 9664b4dabdb132433a6843aefe05814953f1342f
Author: Pavel <pavel@xxxxxx>
Date: Thu Jan 3 00:48:40 2019 +0100
Ok, I guess L1TF was a lot of fun, and there was not time for a good
documentation.
There's admin guide that is written as an advertisment, and
unfortunately is slightly "inaccurate" at places (to the point of
lying).
Plus, I believe it should go to x86/ directory, as this is really
Intel issue, and not anything ARM (or RISC-V) people need to know.
Signed-off-by: Pavel Machek <pavel@xxxxxx>
diff --git a/Documentation/admin-guide/l1tf.rst b/Documentation/admin-guide/l1tf.rst
index 9af9773..05c5422 100644
--- a/Documentation/admin-guide/l1tf.rst
+++ b/Documentation/admin-guide/l1tf.rst
@@ -1,10 +1,11 @@
L1TF - L1 Terminal Fault
========================
-L1 Terminal Fault is a hardware vulnerability which allows unprivileged
-speculative access to data which is available in the Level 1 Data Cache
-when the page table entry controlling the virtual address, which is used
-for the access, has the Present bit cleared or other reserved bits set.
+L1 Terminal Fault is a hardware vulnerability on most recent Intel x86
+CPUs which allows unprivileged speculative access to data which is
+available in the Level 1 Data Cache when the page table entry
+controlling the virtual address, which is used for the access, has the
+Present bit cleared or other reserved bits set.
Affected processors
-------------------
@@ -76,12 +77,14 @@ Attack scenarios
deterministic and more practical.
The Linux kernel contains a mitigation for this attack vector, PTE
- inversion, which is permanently enabled and has no performance
- impact. The kernel ensures that the address bits of PTEs, which are not
- marked present, never point to cacheable physical memory space.
-
- A system with an up to date kernel is protected against attacks from
- malicious user space applications.
+ inversion, which is permanently enabled and has no measurable
+ performance impact in most configurations. The kernel ensures that
+ the address bits of PTEs, which are not marked present, never point
+ to cacheable physical memory space. On x86-32, this physical memory
+ needs to be limited to 2GiB to make mitigation effective.
+
+ Mitigation is present in kernels v4.19 and newer, and in
+ recent -stable kernels.
2. Malicious guest in a virtual machine
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Attachment:
signature.asc
Description: Digital signature
