Message349688
Ah, I found the recent change about XSAVE: it is a fix for CVE-2018-3665 vulnerability.
"The software mitigation for this is to switch to an "eager" / immediate FPU state save and restore, in both kernels and hypervisors."
"On Intel and AMD x86 processors, operating systems and hypervisors often use what is referred to as a deferred saving and restoring method of the x86 FPU state, as part of performance optimization. This is done in a "lazy" on-demand fashion."
"It was found that due to the "lazy" approach, the x86 FPU states or FPU / XMM / AVX512 register content, could leak across process, or even VM boundaries, giving attackers possibilities to read private data from other processes, when using speculative execution side channel gadgets."
https://www.suse.com/support/kb/doc/?id=7023076
See also: https://en.wikipedia.org/wiki/Lazy_FP_state_restore |
|
Date |
User |
Action |
Args |
2019-08-14 12:18:16 | vstinner | set | recipients:
+ vstinner, bkabrda, opoplawski, markmcclain, peadar, justbennet |
2019-08-14 12:18:16 | vstinner | set | messageid: <1565785096.9.0.623804607714.issue21131@roundup.psfhosted.org> |
2019-08-14 12:18:16 | vstinner | link | issue21131 messages |
2019-08-14 12:18:15 | vstinner | create | |
|