VAX + Spectre

Dave Wade dave.g4ugm at gmail.com
Thu Oct 3 10:52:37 CDT 2019



> -----Original Message-----
> From: cctalk <cctalk-bounces at classiccmp.org> On Behalf Of Paul Koning via
> cctalk
> Sent: 03 October 2019 16:28
> To: Stefan Skoglund <stefan.skoglund at agj.net>
> Cc: General Discussion: On-Topic and Off-Topic Posts
<cctalk at classiccmp.org>
> Subject: Re: VAX + Spectre
> 
> 
> 
> > On Oct 3, 2019, at 10:55 AM, Stefan Skoglund <stefan.skoglund at agj.net>
> wrote:
> >
> > tor 2019-10-03 klockan 09:45 -0400 skrev Paul Koning via cctalk:
> >>> On Oct 3, 2019, at 8:25 AM, Maciej W. Rozycki <macro at linux-mips.org
> >>>> wrote:
> >>>
> >>> On Thu, 3 Oct 2019, Maciej W. Rozycki wrote:
> >>>
> >>>>> You need an extremely high resolution timer to detect slight
> >>>>> differences in execution time of speculatively-executed threads.
> >>>>> The VAX
> >>>>> 11/780 certainly did
> >>>>> not do speculative execution, and my guess is that all VAXen did
> >>>>> not, either.
> >>>>
> >>>> The NVAX and NVAX+ implementations include a branch predictor in
> >>>> their microarchitecture[1], so obviously they do execute
> >>>> speculatively.
> >>>
> >>> For the record: in NVAX prediction does not extend beyond the
> >>> instruction fetch unit (I-box in VAX-speak), so there's actually no
> >>> speculative execution, but only speculative prefetch.
> >>
> >> That's a key point.  These vulnerabilities are quite complex and
> >> details matter.  They depend on speculation that goes far enough to
> >> make data references that produce cache fills, and that those fills
> >> persist after the speculative references have been voided.
> >>
> >> Branch prediction is only the first step, and as you point out, that
> >> alone is nowhere near enough.  For example, if a particular design
> >> did speculative execution but not speculative memory references on
> >> adresses that miss in the cache, you'd still have no issue.
> >>
> >
> > Can the speculative pre-fetch of instruction trigger cache fills ?
> 
> I don't know, but that isn't relevant to the Spectre issue.  That one need
> speculative data loads, visible via a timing channel to user mode code.
> 
> 	paul

Whilst , of course, nothing has been done for VAX  VSI have checked to see
if OpenVMS in Alpha, Itanium or AMD64 are susceptible...

http://vmssoftware.com/pdfs/news/Customer_Letter_2018_Meltdown_Spectre.pdf

Dave



More information about the cctalk mailing list