Wednesday, March 14, 2018

Re: Meltdown workaround enabled?

> Gesendet: Mittwoch, 14. März 2018 um 06:13 Uhr
> Von: "Bob Beck" <beck@obtuse.com>
> An: "Brian Camp" <brian@thecamps.org>
> Cc: "Theo de Raadt" <deraadt@openbsd.org>, misc@openbsd.org
> Betreff: Re: Meltdown workaround enabled?
>
> Intel make kitty scared... What a fuckmess.

Err....do I get it right, that a possibly vulnerable CPU
(from 2016) is still vulnerable to MELTDOWN but a newer
BIOS *fakes* the CPU flags so the MELTDOWN "detection code"
says, "this CPU is NOT vulnerable"

Is that right?

Robert

>
> On Tue, Mar 13, 2018 at 22:57 Brian Camp <brian@thecamps.org> wrote:
>
> > On Tue, Mar 13, 2018 at 10:39 PM, Theo de Raadt <deraadt@openbsd.org>
> > wrote:
> > >> According to some sources, Intel and a handful of others have known
> > about the
> > >> issue since February 2017(!), so perhaps it has already been patched in
> > the
> > >> 08Jan2018 BIOS. I too have doubts that to date any processor has been
> > >> redesigned to avoid the flaws entirely, but then again...
> > >
> > > Sure. A BIOS can change the flag bits.
> > >
> > > Be nice to know. Did a BIOS change them?
> >
> > I downgraded the bios to try and figure this out. Going back just one
> > revision (1/8/2018 to 12/18/2017) causes it to lose the flag and
> > -current's MELTDOWN workaround to activate.
> >
> > Previous BIOS revision (12/18/2017):
> > bcamp@nuc6cayh:~ (OpenBSD 6.3)
> > $ cpuid 0x7
> > eax = 0x00000000 0 "????"
> > ebx = 0x2294e283 580182659 "???""
> > ecx = 0x00000000 0 "????"
> > edx = 0x00000000 0 "????"
> >
> > Newest BIOS revision (1/8/2018):
> > bcamp@nuc6cayh:~ (OpenBSD 6.3)
> > $ cpuid 0x7
> > eax = 0x00000000 0 "????"
> > ebx = 0x2294e283 580182659 "???""
> > ecx = 0x00000000 0 "????"
> > edx = 0x2c000000 738197504 "???,"
> >
> >
>

No comments:

Post a Comment