[LAU] Meltdown – Spectre

[Will Godfrey]

On Sat, 13 Jan 2018 20:52:36 +0100
David Kastrup <dak at gnu.org> wrote:

>Ralf Mardorf <ralf.mardorf-ZCLZIpdjs0kJGwgDXS7ZQA at public.gmane.org>
>writes:
>
>> On Sat, 13 Jan 2018 15:29:27 +0000, Pablo Fernandez wrote:  
>>>El sáb., 13 ene. 2018 13:58, Thomas Pfundt escribió:  
>>>> However, this site doesn't list your Celeron G as vulnerable:
>>>> https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr
>>>> Do you even need to concern with the patch and performance at this
>>>> point?  
>>
>> That is interesting news. I'll forward this, since actually it's
>> claimed that all x86 CPUs since the Pentium Pro from 1995 suffer from
>> this issue.
>>
>> Does anybody know how to value this information from Intel?  
>
>The vulnerability is speculative execution in connection with memory
>fetch.  Basically, you make a conditional indirect branch via the
>location you want to read out with the condition being later figured out
>as false.  The execution is abandoned at that time, but the indirect
>branch has invalidated previous contents of the cache depending on the
>abandoned target.  Now you use timing registers in connection with
>accesses in order to figure out just where the cache is no longer valid.
>
>Since kernel and user processes generally share the same virtual address
>space for efficiency reasons (though obviously not the same
>permissions)...
>
>Basically, I'd be surprised about exceptions.
>

Bearing in mind Intel's past behaviour, I regard missing entries in that list
as simply meaning those CPUs have not been tested, not that they in the clear.

-- 
Will J Godfrey
http://www.musically.me.uk
Say you have a poem and I have a tune.
Exchange them and we can both have a poem, a tune, and a song.