[Info-vax] Intel junk...Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign
IanD
iloveopenvms at gmail.com
Fri Jan 5 22:51:25 EST 2018
On Saturday, January 6, 2018 at 10:57:48 AM UTC+11, Doomsdrzej wrote:
> On Fri, 05 Jan 2018 23:01:39 GMT, Pabst Blue Ribbon
> <pabst at blue.ribbon> wrote:
>
> >Alan Browne <bitbucket at blackhole.com> wrote:
> >> On 2018-01-05 09:15, DaveFroble wrote:
> >>> Jan-Erik Soderholm wrote:
> >>
> >>>> Because the designers, for performance reasons, have mapped kernel memory
> >>>> into the user process address space and rely on the OS to check
> >>>> protection before any kernel memory (or code) is accessed.
> >>>>
> >>>> The issue with the current issues is that the hardware (the CPU) does
> >>>> these accesses in hardware "under the hood" without control by the OS.
> >>>>
> >>>> If you map your kernel memory in another way that uses the hardware
> >>>> protection facilities, you are (as I understand) safe, at the cost
> >>>> of worse performance to switch between user and kernel mode.
> >>>>
> >>>>
> >>>
> >>> As I wrote, someone dropped the ball on this one.
> >>>
> >>> Speculative execution is part of the HW, not software. It appears the
> >>> HW doesn't follow its own rules. Or, perhaps I don't actually
> >>> understand the problem?
> >>
> >> At least as well as I do. These are very complex mechanisms and
> >> complexity is usually where you're most likely to get problems.
> >>
> >> In this case the h/w implementation didn't reflect the design goal.
> >>
> >> This means intel had very poor design review and abysmal testing of
> >> security features.
> >
> >I doubt it. Yes, it's an assumption, but I think Intel was aware and gave the OK to
> >a flawed design because of performance/cost.
>
> The most popular theory is that Intel not only left it in there but
> actually put the flaw in there to facilitate spying by the NSA. There
> was even anonymous testimony by an Intel employee that explained it as
> being used for that purpose and that the company was aware of the
> issue for years.
This would not surprise me.
The NSA and the likes have gag orders stopping the speaking out of such code adjustment / insertions.
I remember Linus was approached to insert backdoor code into the kernel. It only came to light because his father spoke of the approach, whereas Linus himself was not allowed to speak of it.
His response to the organisation was that any attempt to insert code into the base kernel would be quickly picked up by reviewers. It remains unknown if the code was inserted or not, but the consensus is that they went away empty-handed.
I asked the question before but never got a response - does any of the OpenVMS code have additional code inserted into it...