On 02/18/2018 07:03 AM, Rudolf Marek wrote:
Thanks for the detailed reply :]
What do you want to protect?
I just looked at
the AMD page saw they said they would be releasing
updates and I figured I should have them even though there is no
description of as to what they actually will do.
If you want to protect the kernel, retpolines are OK
And you don't need any microcode update. Your CPU needs to have SMEP, otherwise
you would need to clear RSB on CPL change (the paper on mentined page says that you need
to do that
always, but at least on Ryzen, the attack using RSB is not working (we tried that out,
maybe it works
only on some circumstances).
If you want to protect userspace, the RSB will be clear by IBPB (which you would need if
you don't have userspace compiled
with retpolines). I don't know if intel clears RSB on IBPB... probably not
To sum it up on AMD:
retpolines, RSB clear on CPL change on CPU without SMEP (see above)
retpolines, RSB clear on context switch necessary or IBPB (needs microcode update).
Plus make sure you enable "LFENCE is dispatch serializing" - perhaps coreboot
can do that :) it is simple
MSR write on fam 10h 12h+ the fam 11h and 0fh dont have this MSR but LFENCE is dispatch
Hmm do you have more info links about this?
Besides that, you don't need any microcode
Plus of course there is a spectre variant 1, which is more difficult to mitigate,
basically you need to check all the software
and look for any pattern like array_x[array_z[untrusted_index] * any transformation].
The first access would leak just address (ASLR defated), second will leak data.
The variant 1 works on user/user attack and as well as user/kernel.
As far I know there are no automated tools to check for this.