By: Michael S (already5chosen.delete@this.yahoo.com), July 15, 2022 6:59 am
Room: Moderated Discussions
Anon4 (No.delete@this.example.com) on July 14, 2022 5:05 pm wrote:
> anon2 (anon.delete@this.anon.com) on July 14, 2022 4:29 pm wrote:
> > No it wasn't, it was BTB poisoning to influence indirect branches.
> > Branch direction forwards or backwads is not relevant.
>
> I've had my head to much on CFI recently.... forward edge, obviously branch direction is not relevant.
>
> > Some CPUs use BTB for return branches in some situations. This is not somehow new nor was unknown at the
> > time. It was explicitly called out in a public discussion about the fix several years ago, actually.
>
> And was thought not to be exploitable, some people thought it was exploitable
> however they could not come up with a practical attack at the time.
>
According to my definition of "practical" Spectre-v2 never was practical attack vector, with
or without retpoline mitigation.
Ergo, retpolines were and are wastage of everybody's money and energy.
> Given the mitigation cost no one was going to roll out an expensive speculative (sic) mitigation against
> an attack which was not thought to be practical at the time. That 'expensive' is in money, performance
> losses cost real money for the hyperscalers and major ones can make a service economically unviable.
>
> anon2 (anon.delete@this.anon.com) on July 14, 2022 4:29 pm wrote:
> > No it wasn't, it was BTB poisoning to influence indirect branches.
> > Branch direction forwards or backwads is not relevant.
>
> I've had my head to much on CFI recently.... forward edge, obviously branch direction is not relevant.
>
> > Some CPUs use BTB for return branches in some situations. This is not somehow new nor was unknown at the
> > time. It was explicitly called out in a public discussion about the fix several years ago, actually.
>
> And was thought not to be exploitable, some people thought it was exploitable
> however they could not come up with a practical attack at the time.
>
According to my definition of "practical" Spectre-v2 never was practical attack vector, with
or without retpoline mitigation.
Ergo, retpolines were and are wastage of everybody's money and energy.
> Given the mitigation cost no one was going to roll out an expensive speculative (sic) mitigation against
> an attack which was not thought to be practical at the time. That 'expensive' is in money, performance
> losses cost real money for the hyperscalers and major ones can make a service economically unviable.
>
| Topic | Posted By | Date |
|---|---|---|
| Retbleed | anonymous2 | 2022/07/13 03:14 PM |
| Retbleed | anon2 | 2022/07/13 10:03 PM |
| Retbleed | Adrian | 2022/07/14 12:05 AM |
| Retbleed | Anon4 | 2022/07/14 02:17 PM |
| Retbleed | anon2 | 2022/07/14 04:29 PM |
| Retbleed | Anon4 | 2022/07/14 05:05 PM |
| Retbleed | anon2 | 2022/07/14 05:37 PM |
| Retbleed | anon2 | 2022/07/14 06:40 PM |
| Retbleed | dmcq | 2022/07/15 04:54 AM |
| Retbleed | anon2 | 2022/07/17 07:17 AM |
| Retbleed | Michael S | 2022/07/15 07:08 AM |
| Retbleed | Ben T | 2022/07/16 05:06 AM |
| Retbleed | Michael S | 2022/07/16 11:41 AM |
| Public cloud infrastructure | Ben T | 2022/07/16 04:50 PM |
| Public cloud infrastructure | Rayla | 2022/07/16 09:15 PM |
| Public cloud infrastructure | me | 2022/07/17 09:19 AM |
| Public cloud infrastructure | Brett | 2022/07/18 12:38 PM |
| Public cloud infrastructure | Adrian | 2022/07/18 01:19 PM |
| Public cloud infrastructure | me | 2022/07/18 03:54 PM |
| Public cloud infrastructure | Brett | 2022/07/20 03:35 PM |
| Public cloud infrastructure | Brett | 2022/07/21 01:18 PM |
| Public cloud infrastructure | inthestratosphere | 2022/07/21 02:46 PM |
| Public cloud infrastructure | Brett | 2022/07/21 10:38 PM |
| What’s needed for a viable Apple server? | Ben T | 2022/07/22 05:31 AM |
| What’s needed for a viable Apple server? | Michael S | 2022/07/22 09:09 AM |
| More DRAM capacity? | Mark Roulo | 2022/07/22 09:48 AM |
| More DRAM capacity? | Doug S | 2022/07/22 11:05 AM |
| More DRAM capacity? | Mark Roulo | 2022/07/22 11:20 AM |
| More DRAM capacity? | Doug S | 2022/07/22 01:48 PM |
| More DRAM capacity? | Wes Felter | 2022/07/22 04:49 PM |
| Public cloud infrastructure | anon2 | 2022/07/18 04:25 PM |
| Putting 12 processor packages in a 1U server | Ben T | 2022/07/22 10:02 PM |
| Putting 12 processor packages in a 1U server | rwessel | 2022/07/23 07:15 AM |
| Putting 12 processor packages in a 1U server | Daniel B | 2022/07/23 04:15 PM |
| Putting 12 processor packages in a 1U server | Ben T | 2022/07/24 05:29 AM |
| Multi-system cluster design space | Paul A. Clayton | 2022/07/24 08:49 AM |
| Retbleed | Anon4 | 2022/07/15 03:00 AM |
| Retbleed | Michael S | 2022/07/15 06:59 AM |
| Retbleed | --- | 2022/07/15 11:14 AM |
