OS-7000: Need Eager FPU

Details

Issue Type: Bug
Priority: 2 - Critical
Status: Resolved
Created at: 2018-06-06T01:03:01.693Z
Updated at: 2018-06-15T17:18:10.686Z

People

Created by: Robert Mustacchi [X]
Reported by: Robert Mustacchi [X]
Assigned to: Robert Mustacchi [X]

Resolution

Fixed: A fix for this issue is checked into the tree and tested.
(Resolution Date: 2018-06-13T22:29:36.742Z)

Fix Versions

2018-06-21 Underwater Reactor (Release Date: 2018-06-21)

Description

Historically, x86 has used a lazy FPU that restores the FPU registers in the context of a #NM handler, based on when the FPU is first used after a context switch. It turns out that, through speculative execution, it is possible to read values out of the FPU before the #NM takes effect. An eager FPU restore defeats this side channel. See CVE-2018-3665.
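
A simplified model of the behaviour described above, added here as an example and not taken from the illumos-joyent fix: it tracks whose data is physically in the FPU registers right after a context switch under lazy and eager restore. The structures, the function names and the single 64-bit "register" are assumptions made for illustration.

```c
#include <stdio.h>

/* Simplified model, not illumos code: one CPU, one FPU "register". */
struct thread { unsigned long long saved_fpu; };
struct cpu {
    unsigned long long fpu_reg;  /* what is physically in the register */
    int ts;                      /* models CR0.TS: next FPU use raises #NM */
    struct thread *owner, *cur;  /* whose data fpu_reg holds / who runs */
};
enum mode { LAZY, EAGER };

/* Save the owner's register and load the running thread's. */
static void fpu_swap(struct cpu *c)
{
    if (c->owner != c->cur) {
        c->owner->saved_fpu = c->fpu_reg;
        c->fpu_reg = c->cur->saved_fpu;
        c->owner = c->cur;
    }
    c->ts = 0;
}

static void ctx_switch(struct cpu *c, struct thread *next, enum mode m)
{
    c->cur = next;
    if (m == EAGER) fpu_swap(c);  /* replaced before next ever runs */
    else c->ts = 1;               /* deferred: old thread's data stays */
}

/* Architectural read: with TS set, the #NM handler swaps state first. */
static unsigned long long fpu_read(struct cpu *c)
{
    if (c->ts) fpu_swap(c);
    return c->fpu_reg;
}

/* Returns 1 if, after switching from A to B, the register still holds
 * A's secret; *arch receives what B reads architecturally. */
static int stale_after_switch(enum mode m, unsigned long long secret,
    unsigned long long *arch)
{
    struct thread a = { 0 }, b = { 0 };
    struct cpu c = { secret, 0, &a, &a };  /* A has loaded its secret */
    ctx_switch(&c, &b, m);
    int stale = (c.owner != c.cur && c.fpu_reg == secret);
    *arch = fpu_read(&c);
    return stale;
}

int main(void)
{
    unsigned long long v;
    printf("lazy stale=%d\n", stale_after_switch(LAZY, 0xA11CEULL, &v));
    printf("eager stale=%d\n", stale_after_switch(EAGER, 0xA11CEULL, &v));
}
```

In both modes the architectural read returns the new thread's own value; the difference is that the lazy model leaves the previous thread's value physically resident until the #NM handler runs, while the eager model never does.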

Comments

Comment by Robert Mustacchi [X]
Created at 2018-06-13T21:00:47.246Z

To test this on both debug and non-debug builds we've done the following:


Comment by Jira Bot
Created at 2018-06-13T22:27:10.282Z

illumos-joyent commit f48e1a4f1d835afe9a2607058270907434313e19 (branch master, by Robert Mustacchi)

OS-7000 Need Eager FPU
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Patrick Mooney <patrick.mooney@joyent.com>
Reviewed by: Bryan Cantrill <bryan@joyent.com>
Reviewed by: John Levon <john.levon@joyent.com>
Approved by: Bryan Cantrill <bryan@joyent.com>


Comment by Jira Bot
Created at 2018-06-15T17:18:10.686Z

illumos-joyent commit bce37cdf6c9e94a5df1aec9fec97bb9c50139717 (branch release-20180315, by Robert Mustacchi)

OS-7000 Need Eager FPU
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Patrick Mooney <patrick.mooney@joyent.com>
Reviewed by: Bryan Cantrill <bryan@joyent.com>
Reviewed by: John Levon <john.levon@joyent.com>
Approved by: Bryan Cantrill <bryan@joyent.com>