[Beowulf] RHEL7 kernel update for L1TF vulnerability breaks RDMA

Lux, Jim (337K) james.p.lux at jpl.nasa.gov
Tue Aug 21 08:17:58 PDT 2018



On 8/21/18, 1:37 AM, "Beowulf on behalf of Chris Samuel" <beowulf-bounces at beowulf.org on behalf of chris at csamuel.org> wrote:

    On Tuesday, 21 August 2018 3:27:59 AM AEST Lux, Jim (337K) wrote:
    
    > I'd find it hard to believe that Intel's CPU designers sat around
    > implementing deliberate flaws ( the Bosch engine controller for VW model).
    
    Not to mention that Spectre variants affected AMD, ARM & IBM (at least).
    
    This publicly NSA funded research ("The Intel 80x86 processor architecture: 
    pitfalls for secure systems") from 1995 has an interesting section:
    
    https://ieeexplore.ieee.org/document/398934/
    https://pdfs.semanticscholar.org/2209/42809262c17b6631c0f6536c91aaf7756857.pdf
    
    Section 3.10 - Cache and TLB timing channels
    
    which warns (in generalities) about the use of MSRs and the use of instruction 
    timing as side channels.
    


Such vulnerabilities have existed since the early days of computers.  As processors and use cases have gotten more complex they're harder to find.

This is why back in "orange book" days there's the whole "system high" mode of operation - basically "air gap, you, or things you trust, are the only one on the machine"




More information about the Beowulf mailing list