Spectre & Meltdown

Thu Jan 4 15:08:19 CST 2018

I misspoke - Spectre potentially affects all processors that use
*pipelining and speculative execution*, not just superscalar ones (I
mis-parsed "all modern processors capable of keeping many instructions
in flight").

There's been ongoing patches to the Linux kernel for Meltdown (and for
other OSes, though we can't read their mailing lists). For Spectre,
though, it seems like solutions might take longer to distribute.

It's kind of fascinating to run in to a cross-platform vulnerability
like this! Is anyone else aware of similar vulnerabilities from
history that also affected multiple processors, but relied on their
implementation details?

On Thu, Jan 4, 2018 at 4:03 PM, Ed Sharpe <couryhouse at aol.com> wrote:
> http://www.zdnet.com/article/intel-starts-issuing-patches-for-meltdown-spectre-vulnerabilities/?loc=newsletter_large_thumb_related&ftag=TREc64629f&bhid=46856739
>
> this  just  hit  my email box..... Ed#
>
> In a message dated 1/4/2018 1:54:43 PM US Mountain Standard Time,
> cctalk at classiccmp.org writes:
>
> From the exploit homepage (https://spectreattack.com/) , it seems like the
> Meltdown vulnerability affects all out-of-order executing Intel *branded*
> CPUs (from the P6 onward), and the Spectre vulnerability potentially
> impacts all superscalar processors of...all brands potentially :(
>
> Sophie
>
> On Thu, Jan 4, 2018 at 3:44 PM, jim stephens via cctalk <
> cctalk at classiccmp.org> wrote:
>
>>
>>
>> On 1/4/2018 12:34 PM, Ed Sharpe via cctalk wrote:
>>
>>> what about xenon processors??
>>> ed#
>>> In a message dated 1/4/2018 1:18:14 PM US Mountain Standard Time,
>>> cctalk at classiccmp.org writes:
>>>
>>>
>>>
>> There is no difference between them and any other intel x86 or x64
>> processor as far as the flaw involved.
>>
>> Though they are not mentioning it, I suspect one can target P3 and P4
>> equally well with the exploit. It has been around that long.
>> thanks
>> Jim
>>
>>
>>> ----- Original Message -----
>>> From: "Warner Losh via cctalk" <cctalk at classiccmp.org>
>>> To: "Murray McCullough" <c.murray.mccullough at gmail.com>; "General
>>> Discussion: On-Topic and Off-Topic Posts" <cctalk at classiccmp.org>
>>> Sent: Thursday, January 04, 2018 1:05 PM
>>> Subject: Re: Spectre & Meltdown
>>>
>>>
>>> On Thu, Jan 4, 2018 at 11:00 AM, Murray McCullough via cctalk <
>>>> cctalk at classiccmp.org> wrote:
>>>>
>>>> This may be off-topic but these latest uprocessor exploits has raised
>>>>> a question: Are the 'old/classic' uprocessors using x86 technology in
>>>>> the same boat? The very earliest ones, i.e., 1970s and early 80's.
>>>>> probably not. How many are actually in use and/or on the Net?
>>>>>
>>>>> I've seen it reported, but haven't verified, that this bug extends
>>>> about 20
>>>> years back in the past to the Pentium Pro/Pentium II class of machines.
>>>> If
>>>> I read that correctly, there's only two generations of Pentium not
>>>> affected, the P54C and P55C, the former of F00F fame... 386 and 486 CPUs
>>>> apparently aren't affected since they didn't have speculative execution.
>>>> The 8088/8086/80186/80286 presumably are also immune... If you extend
>>>> things further back, CP/M on Z80/8080 is also fine, but I don't think
>>>> those
>>>> are properly x86 :)
>>>>
>>>> Warner
>>>>
>>> --------
>>> Finally, an excuse to use all those old 486 boxes...
>>>
>>> m
>>>
>>>
>>>
>>