Re: amd64: svs

[Piotr Meyer <aniou%smutek.pl@localhost>]

On Sun, Jan 07, 2018 at 12:26:00PM +0900, clare%csel.org@localhost wrote:
[..]

> The Redhat and Microsoft implicitly says "Intel will release microcode
> soon".  I hoped to it.
> 
> the Linux supported by the google goes to the KPTI, maybe,
> it means the Intel does not plan to mitigate by the new microcode.

According to [1] Intel had known about issue for months:

 Variants of this issue are known to affect many modern processors,
 including certain processors by Intel, AMD and ARM. For a few Intel and
 AMD CPU models, we have exploits that work against real software. We
 reported this issue to Intel, AMD and ARM on 2017-06-01 [1].

Lack of already available microcode updates, lack of release dates for
particular cores and that all PR (mis)statements from Intel makes me 
doubt about Intel's will and ability to control situation. Few days
ago even hardware manufacturers, like Cisco[2] wasn't sure about impact
of bug (so - no early disclosure from Intel at all, even for them?).
Today Cisco released additional informations - but take a look at "fix 
release date" for UCS Servers[2]! 


1 - https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
2 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel

-- 
Piotr 'aniou' Meyer