On Mon 2019-01-14 00:12:59, Jiri Kosina wrote:
On Mon, 14 Jan 2019, Pavel Machek wrote:
That one really is Intel-specific (not even all x86s are affectd). Same for Meltdown.
At least for Meltdown, your claim is simply not correct.
You are right, there may be few ARM chips affected by meltdown.
I don't know about any non-Intel affected by l1tf.
...and its documentation is just plain wrong, explaining I'm protected when I'm not...
commit f372cd79be31382ae6030a1f15638cc7fe9eeb9f Author: Pavel pavel@ucw.cz Date: Thu Jan 3 00:48:40 2019 +0100
Ok, I guess L1TF was a lot of fun, and there was not time for a good documentation.
There's admin guide that is written as an advertisment, and unfortunately is slightly "inaccurate" at places (to the point of lying).
Plus, I believe it should go to x86/ directory, as this is really Intel issue, and not anything ARM (or RISC-V) people need to know.
Signed-off-by: Pavel Machek pavel@ucw.cz
diff --git a/Documentation/admin-guide/l1tf.rst b/Documentation/admin-guide/l1tf.rst index 9af9773..05c5422 100644 --- a/Documentation/admin-guide/l1tf.rst +++ b/Documentation/admin-guide/l1tf.rst @@ -1,10 +1,11 @@ L1TF - L1 Terminal Fault ========================
-L1 Terminal Fault is a hardware vulnerability which allows unprivileged -speculative access to data which is available in the Level 1 Data Cache -when the page table entry controlling the virtual address, which is used -for the access, has the Present bit cleared or other reserved bits set. +L1 Terminal Fault is a hardware vulnerability on most recent Intel x86 +CPUs which allows unprivileged speculative access to data which is +available in the Level 1 Data Cache when the page table entry +controlling the virtual address, which is used for the access, has the +Present bit cleared or other reserved bits set.
Affected processors ------------------- @@ -76,12 +77,14 @@ Attack scenarios deterministic and more practical.
The Linux kernel contains a mitigation for this attack vector, PTE - inversion, which is permanently enabled and has no performance - impact. The kernel ensures that the address bits of PTEs, which are not - marked present, never point to cacheable physical memory space. - - A system with an up to date kernel is protected against attacks from - malicious user space applications. + inversion, which is permanently enabled and has no measurable + performance impact in most configurations. The kernel ensures that + the address bits of PTEs, which are not marked present, never point + to cacheable physical memory space. On x86-32, this physical memory + needs to be limited to 2GiB to make mitigation effective. + + Mitigation is present in kernels v4.19 and newer, and in + recent -stable kernels.
2. Malicious guest in a virtual machine ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^