[Beowulf] RHEL7 kernel update for L1TF vulnerability breaks RDMA
John Hearns
hearnsj at googlemail.com
Thu Aug 23 12:11:03 PDT 2018
https://www.theregister.co.uk/2018/08/21/intel_cpu_patch_licence/
https://perens.com/2018/08/22/new-intel-microcode-license-restriction-is-not-acceptable/
On Tue, 21 Aug 2018 at 16:18, Lux, Jim (337K) <james.p.lux at jpl.nasa.gov>
wrote:
>
>
> On 8/21/18, 1:37 AM, "Beowulf on behalf of Chris Samuel" <
> beowulf-bounces at beowulf.org on behalf of chris at csamuel.org> wrote:
>
> On Tuesday, 21 August 2018 3:27:59 AM AEST Lux, Jim (337K) wrote:
>
> > I'd find it hard to believe that Intel's CPU designers sat around
> > implementing deliberate flaws ( the Bosch engine controller for VW
> model).
>
> Not to mention that Spectre variants affected AMD, ARM & IBM (at
> least).
>
> This publicly NSA funded research ("The Intel 80x86 processor
> architecture:
> pitfalls for secure systems") from 1995 has an interesting section:
>
> https://ieeexplore.ieee.org/document/398934/
>
> https://pdfs.semanticscholar.org/2209/42809262c17b6631c0f6536c91aaf7756857.pdf
>
> Section 3.10 - Cache and TLB timing channels
>
> which warns (in generalities) about the use of MSRs and the use of
> instruction
> timing as side channels.
>
>
>
> Such vulnerabilities have existed since the early days of computers. As
> processors and use cases have gotten more complex they're harder to find.
>
> This is why back in "orange book" days there's the whole "system high"
> mode of operation - basically "air gap, you, or things you trust, are the
> only one on the machine"
>
>
> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
> To change your subscription (digest mode or unsubscribe) visit
> http://www.beowulf.org/mailman/listinfo/beowulf
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.beowulf.org/pipermail/beowulf/attachments/20180823/28a032a5/attachment.html>
More information about the Beowulf
mailing list