[Golem] Technical deep dive Meltdown + Spectre [was: Re: Calendario giugno 2018]

[Dario Faggioli]

On Thu, 2018-06-14 at 11:43 +0200, Dario Faggioli wrote:
> On Thu, 2018-05-31 at 21:18 +0200, giomba wrote:
> > - 12 giugno - Technical deep dive Meltdown + Spectre: funzionamento
> > a
> > basso livello delle recenti vulnerabilità dei processori Intel
> > 
> A proposito di questo, grazie per la serata, personalmente mi son
> divertito! :-)
> 
> Mi rendo conto, riguardando i link (che postero` qui appena ho un
> secondo), che alcune cose son state spiegate in modo un po'
> approssimativo... spero almeno di essere riuscito ad ottenere un
> compromesso decente fra rendere le cose comprensibili a tutti e dare
> informazioni tecnicamente esatte ed accurate. :-D
> 
Ed ecco i link.

Concetti base (piu` che altro via Wikipedia... c'e` tantissimo altro
materiale in altri siti/contenitori... cercate sul Web).

* Virtual Memory:
  https://en.wikipedia.org/wiki/Virtual_address_space
  https://wiki.osdev.org/Memory_management
* Speculative execution:
  https://en.wikipedia.org/wiki/Speculative_execution
  https://en.wikipedia.org/wiki/Branch_predictor
  https://en.wikipedia.org/wiki/Instruction_pipelining
* Tomasulo algorithm:
  https://en.wikipedia.org/wiki/Tomasulo_algorithm
* Cache(s):
  https://en.wikipedia.org/wiki/CPU_cache
  https://www.extremetech.com/extreme/188776-how-l1-and-l2-cpu-caches-work-and-why-theyre-an-essential-part-of-modern-chips
* TLB:
  https://en.wikipedia.org/wiki/Translation_lookaside_buffer
* Side-channels attacks
  https://en.wikipedia.org/wiki/Side-channel_attack

Meltdown e Spectre.

* Info generali:
  https://meltdownattack.com/
  https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)
  http://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html
  https://www.redhat.com/en/blog/what-are-meltdown-and-spectre-heres-what-you-need-know
* Advisories:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754
  https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/
  http://xenbits.xen.org/xsa/advisory-254.html
  https://blog.xenproject.org/2018/01/22/xen-project-spectre-meltdown-faq-jan-22-update/
* Risposte distro:
  https://www.suse.com/support/kb/doc/?id=7022512
  https://www.suse.com/support/kb/doc/?id=7022514
  https://access.redhat.com/security/vulnerabilities/speculativeexecution
  https://blog.ubuntu.com/2018/01/24/meltdown-spectre-and-ubuntu-what-you-need-to-know
* Checker e POC:
  https://github.com/speed47/spectre-meltdown-checker
  https://www.maketecheasier.com/check-linux-meltdown-spectre-vulnerability/
  https://github.com/cloudsriseup/Meltdown-Proof-of-Concept
  https://github.com/mniip/spectre-meltdown-poc
* Spiegazioni con esempi:
  https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/
  https://medium.com/@mattklein123/meltdown-spectre-explained-6bc8634cc0c2

Ciao,
Dario
-- 
<<This happens because I choose it to happen!>> (Raistlin Majere)
-----------------------------------------------------------------
Dario Faggioli, Ph.D, http://about.me/dario.faggioli
Software Engineer @ SUSE https://www.suse.com/
-------------- parte successiva --------------
Un allegato non testuale è stato rimosso....
Nome:        signature.asc
Tipo:        application/pgp-signature
Dimensione:  833 bytes
Descrizione: This is a digitally signed message part
URL:         <http://lists.linux.it/pipermail/golem/attachments/20180615/703f4289/attachment.sig>