[cip-dev] MDS and other speculation issues

Ben Hutchings ben.hutchings at codethink.co.uk
Thu May 16 16:29:26 UTC 2019


On Thu, 2019-05-16 at 00:44 +0000, nobuhiro1.iwamatsu at toshiba.co.jp wrote:
> Hi Ben,
> 
> > -----Original Message-----
> > From: cip-dev-bounces at lists.cip-project.org
> > > > [mailto:cip-dev-bounces at lists.cip-project.org] On Behalf Of Ben
> > Hutchings
> > Sent: Wednesday, May 15, 2019 8:34 PM
> > To: cip-dev at lists.cip-project.org
> > Subject: [cip-dev] MDS and other speculation issues
> > 
> > As with the earlier speculation vulnerabilities, I don't believe that
> > MDS should be a particularly severe issue for CIP-based systems.
> > 
> > Nevertheless, I have prepared a backport of the mitigations for MDS (and
> > some changes to the mitigations for other speculation issues) for 4.4.
> > This was included in 4.4.180-rc1, which is out for review now.  I did
> > not have the chance to test this thoroughly, so review and testing are
> > needed.
> 
> Thank you for your work and information.
> I'm just looking into a test tool for this issue, but please let me know what
> you already know.

There is proof-of-concept exploit code, but it's not yet public, so far
as I know.  Nor do I have a copy.

> There is a spectre-meltdown-checker, but we can not do a detailed test with this.
> https://github.com/speed47/spectre-meltdown-checker/

That uses kernel interfaces to identify the affected CPUs and any
mitigations that are enabled.  However, it does not test whether the
mitigation is actually effective, so it won't detect incomplete or
incorrect backports.

Ben.

-- 
Ben Hutchings, Software Developer                         Codethink Ltd
https://www.codethink.co.uk/                 Dale House, 35 Dale Street
                                     Manchester, M1 2HF, United Kingdom


More information about the cip-dev mailing list