#15064: Mitigate ZombieLoad and other MDS (Microarchitectural Data Sampling)
Intel
vulnerabilities
---------------------------+------------------------------
Reporter: waddlesplash | Owner: nobody
Type: bug | Status: new
Priority: normal | Milestone: Unscheduled
Component: System/Kernel | Version: R1/Development
Keywords: security | Blocked By:
Blocking: | Has a Patch: 0
Platform: All |
---------------------------+------------------------------
The fix is to use the VERW instruction with patched microcode on kernel
exit; this flushes the relevant buffers.
NetBSD's fix:
https://github.com/NetBSD/src/commit/afab82aeafd0c51afc036a8b35dd0ed428b2885b
We already have a kernel altcodepatch mechanism for SMAP, so we can use
that here for the vulerable CPUs as well.
--
Ticket URL: <https://dev.haiku-os.org/ticket/15064>
Haiku <https://dev.haiku-os.org>
The Haiku operating system.