Bug 1217845 - VUL-0: kernel: SLAM - Spectre based on Linear Address Masking
Summary: VUL-0: kernel: SLAM - Spectre based on Linear Address Masking
Status: NEW
Alias: None
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Nikolay Borisov
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/387195/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-12-06 09:52 UTC by Marcus Meissner
Modified: 2024-05-17 12:01 UTC (History)
6 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2023-12-06 09:52:52 UTC 
A vulnerability in closed source CPUs which open source OSes may need
to mitigate was disclosed today:

https://www.vusec.net/projects/slam/
https://github.com/vusec/slam
https://www.youtube.com/watch?v=y4wZ-tREaNk
https://x.com/vu5ec/status/1732099516621521003

The first page lists these processors as affected:

    - Existing AMD CPUs vulnerable to CVE-2020-12965;
    - Future Intel CPUs supporting LAM (both 4- and 5-level paging);
    - Future AMD CPUs supporting UAI and 5-level paging;
    - Future Arm CPUs supporting TBI and 5-level paging.

as it takes advantage of CPU features which allow masking off some bits of
pointer addresses to store additional data in, such as Intel’s Linear Address
Masking (LAM), AMD’s Upper Address Ignore (UAI), or ARM's Top-byte Ignore (TBI).
Comment 1 Marcus Meissner 2023-12-06 13:10:02 UTC 
We are a bit thin on mitigation possibilities.

Some will happen in the future CPUs hopefully.

Source level wise throwing in more lfences is not really feasible.