| 1 |
On 02/01/18 22:58, Adam Carter wrote: |
| 2 |
> AMD coder's patch to disable the new code (to avoid the performance hit) |
| 3 |
> where he states the issue doesnt exist on AMD processors; |
| 4 |
> https://lkml.org/lkml/2017/12/27/2 |
| 5 |
|
| 6 |
Read LWN, specifically the links to the people who covered the bug. |
| 7 |
|
| 8 |
It's a flaw in speculative forward processing, where the security does |
| 9 |
not travel with the speculative processing. So user code can trigger a |
| 10 |
page fault that references kernel code, causing that page to be |
| 11 |
retrieved. OOPPSSSS. AMD keeps security context with the code, causing |
| 12 |
an attempt to exploit the bug to fail with "invalid security context". |
| 13 |
|
| 14 |
And as I understand it the code can be disabled with either a compile |
| 15 |
time option or command line switch to the kernel. The relevant code is |
| 16 |
called KAISER, which forces kernel and user address space into different |
| 17 |
contexts, and causes a nasty context-switching overhead on both Intel |
| 18 |
and AMD cpus. |
| 19 |
|
| 20 |
Cheers, |
| 21 |
Wol |
Archives