| --- Log opened Thu Jan 04 00:00:22 2018 |
| 00:05 | < Degi_> | How can JS code execute that vulnerability on intel processors though? Can it perform any memory-address-level calls or so? |
| 00:10 | <&McMartin> | I think it can ensure that a certain block of data is contiguous. |
| 00:11 | <&McMartin> | Rowhammer was somehow exploitable through JS. |
| 00:14 | | Derakon[AFK] is now known as Derakon |
| 00:18 | | Degi_ [Degi@Nightstar-fp79ro.dyn.telefonica.de] has quit [Connection closed] |
| 00:41 | | himi [sjjf@Nightstar-dm0.2ni.203.150.IP] has joined #code |
| 00:41 | | mode/#code [+o himi] by ChanServ |
| 00:43 | | Kindamoody is now known as Kindamoody[zZz] |
| 01:00 | | celticminstrel [celticminst@Nightstar-m9434e.dsl.bell.ca] has joined #code |
| 01:00 | | mode/#code [+o celticminstrel] by ChanServ |
| 01:11 | < Mahal> | re Meltdown and Spectre |
| 01:11 | < Mahal> | I need to either drink a LOT OF COFFEE or some booze before it starts making sense to me :\ |
| 01:11 | < Mahal> | (however, it's a damned interesting bug) |
| 01:12 | < Mahal> | (And i await the performance hits to our SQL DB servers with interest) |
| 01:18 | <&McMartin> | The more you can get away with in-memory caches, the less hard you should be hit. |
| 01:19 | < Mahal> | our main SQL box is a 2k8 hardware cluster. |
| 01:20 | < Mahal> | we are mossssstly off it |
| 01:20 | < Mahal> | except for that one really important thing |
| 01:33 | <@himi> | Meltdown and Spectre? |
| 01:33 | <&McMartin> | Those cache coherency bugs we've been talking about the past few days have names and logos now and thus are real~ |
| 01:33 | <&McMartin> | Meltdown is Intel-specific, Spectre hits basically any chip ever made that can do out-of-order execution |
| 01:34 | <&McMartin> | Both are, essentially, side-channel timing attacks that leak the contents of physical memory |
| 01:34 | <@himi> | Ah |
| 01:34 | <&McMartin> | Google Project Zero's top blog post seems to be the most thorough discussion of it |
| 01:35 | <@himi> | So AMD aren't totally immune then |
| 01:36 | <&McMartin> | Nope |
| 01:36 | <&McMartin> | There's a working PoC, but it requires the eBPF JIT to be on, which is apparently not default. |
| 01:36 | <&McMartin> | It also is present in ARM. |
| 01:37 | <@himi> | So everyone took the same shortcuts when implementing speculative execution . . . |
| 01:37 | <&McMartin> | Spectre is ring-3-to-ring-3 leakage or the non-x86 equivalent of that and is known to be present on Intel/AMD/ARM and believed to be present on Power and z-Series |
| 01:37 | | * himi nods |
| 01:37 | <&McMartin> | I'm not yet clear on whether or not this is 'everyone took the same shortcut' or 'this is intrinsic to speculative execution and requires specific software techniques to defeat the side-channel' |
| 01:38 | <@himi> | Bad, but nothing like as bad as ring0-to-ring3 |
| 01:38 | <&McMartin> | Which, mind you, is the case for Intel and AMD, because L1 cache doesn't know what protection is |
| 01:38 | <@himi> | I think it's arguable that those are actually the same thing, if there's a specific technique that can be used to defeat it |
| 01:39 | <&McMartin> | There are in fact three different CVEs here |
| 01:39 | <&McMartin> | I'm not sure precisely what that signifies |
| 01:39 | <@himi> | The difference is that people didn't know about the side-channel until long after implementing the hardware, so it was in some sense intrinsic to the most sensible approach in the absence of that knowledge |
| 01:40 | <&McMartin> | Right. |
| 01:40 | <&McMartin> | I *think* that the "Meltdown" variant is one that is Intel-specific and that some random detail of AMD's L1 cache defeats |
| 01:40 | <&McMartin> | But some of the descriptions of that sound like AMD has just always been paying the performance penalty the Intel fix imposes |
| 01:41 | <&McMartin> | But if so, that makes Ryzen et al *really* impressive |
| 01:45 | <@himi> | Presumably Ryzen et al implement the "fix" in hardware, whereas Intel is now doing it in software (until they can do a proper hardware fix) |
| 01:45 | <@himi> | Maybe Ryzen shows us where Intel will be after they make new hardware |
| 01:46 | <@himi> | Those CVE numbers are interesting - the branch target injection variant is out of sequence |
| 01:49 | <&McMartin> | AIUI the Intel fix is p. much just "purge the TLB whenever you return from a syscall" |
| 01:57 | <@himi> | Yeah |
| 01:57 | <@himi> | No |
| 01:57 | <@himi> | Purge the TLB /and/ flush some of the caches |
| 03:01 | | Kindamoody[zZz] [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has quit [Client exited] |
| 03:11 | | Kindamoody|autojoin [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has joined #code |
| 03:11 | | mode/#code [+o Kindamoody|autojoin] by ChanServ |
| 04:57 | | celticminstrel [celticminst@Nightstar-m9434e.dsl.bell.ca] has quit [[NS] Quit: KABOOM! It seems that I have exploded. Please wait while I reinstall the universe.] |
| 05:05 | | Derakon is now known as Derakon[AFK] |
| 05:15 | <&[R]> | <Degi_> How can JS code execute that vulnerability on intel processors though? Can it perform any memory-address-level calls or so? <-- JS can do binary manipulation, and can create big binary blobs in memory as a result. You have to do a bit of extra work, but it's not very difficult to automate. |
| 06:42 | | Vornlicious [Vorn@Nightstar-hus3ac.sub-174-210-12.myvzw.com] has joined #code |
| 06:45 | | Vorntastic [Vorn@Nightstar-1l3nul.res.rr.com] has quit [Ping timeout: 121 seconds] |
| 06:59 | | himi [sjjf@Nightstar-dm0.2ni.203.150.IP] has quit [Ping timeout: 121 seconds] |
| 07:00 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has quit [Connection closed] |
| 07:18 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has joined #code |
| 07:18 | | mode/#code [+ao McMartin McMartin] by ChanServ |
| 07:23 | | * McMartin fiddles with this new-to-him assembler |
| 07:23 | | * McMartin mutters at custom architectures |
| 07:24 | < Vornlicious> | ?? |
| 07:25 | <&McMartin> | Game Boy uses a variant architecture that isn't quite a Z80 and it's much less orthogonal |
| 07:25 | <&McMartin> | A lot of dancing around to do basic math |
| 07:25 | < Vornlicious> | Ah |
| 07:25 | <&McMartin> | Also this thing is much more aggressive about linking and such, in order to make banks etc behave sensibly |
| 07:27 | <&McMartin> | Not that this program is bankswitched but I still have to coexist with that |
| 07:29 | <&McMartin> | But in particular, running sixteen bit counters or doing even 16-bit addition is way more obnoxious than I'd like |
| 07:30 | <&McMartin> | But I think I have a working macro that will add-16-bit-immediate in 8 bytes and 8 cycles, or add any two registers with 6 and 6. |
| 07:30 | <&McMartin> | And this is faster than using the one actual sixteen-bit add instruction and loading all other bits into place -_- |
| 07:36 | < Vornlicious> | Wow. |
| 07:37 | <&McMartin> | (The only 16-bit add instruction is HL=HL+(other 16-bit register), which means you have to spill and unspill registers to do any immediate loads, and that *alone* is 7 cycles.) |
| 07:39 | <&McMartin> | No index modes, no block-transfer instructions =( |
| 07:39 | <&McMartin> | There is a stack-relative load I don't need and there's also some autoinc/autodec addressing modes on HL that I can use to make the lack of block-transfer hurt less |
| 09:09 | | himi [sjjf@Nightstar-v37cpe.internode.on.net] has joined #code |
| 09:09 | | mode/#code [+o himi] by ChanServ |
| 09:11 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has quit [[NS] Quit: Back later] |
| 09:34 | < Vornlicious> | HEY REIVER |
| 09:34 | < Vornlicious> | I find myself wondering how Chalcy is |
| 09:44 | | Vornicus [Vorn@Nightstar-1l3nul.res.rr.com] has quit [Ping timeout: 121 seconds] |
| 10:32 | | ErikMesoy1 [Bruker@Nightstar-hq72t5.customer.cdi.no] has joined #code |
| 10:33 | | ErikMesoy [Bruker@Nightstar-hq72t5.customer.cdi.no] has quit [Ping timeout: 121 seconds] |
| 11:47 | | Emmy [Emmy@Nightstar-9p7hb1.direct-adsl.nl] has joined #code |
| 12:28 | | Degi [Degi@Nightstar-fp79ro.dyn.telefonica.de] has joined #code |
| 12:43 | | Kindamoody|autojoin is now known as Kindamoody |
| 13:32 | <&Reiver> | HEY VORNICUS |
| 13:32 | <&Reiver> | aw you're not around I'll try again later |
| 13:43 | | ErikMesoy1 is now known as ErikMesoy |
| 13:58 | | Kizor [moryok@Nightstar-e0a4sm.utu.fi] has quit [Connection closed] |
| 14:37 | | Degi [Degi@Nightstar-fp79ro.dyn.telefonica.de] has quit [Connection closed] |
| 14:41 | <&ToxicFrog> | I also wonder this occasionally |
| 14:42 | < Vornlicious> | HEY REIVER I am here now |
| 14:49 | <&[R]> | WTF is Chalcy |
| 14:50 | <&ToxicFrog> | Chalcedon. Her research on stoats led to the creation of this channel. |
| 14:50 | < Vornlicious> | Chalcedon aka Chalcy is the person for which this channel was founded |
| 14:50 | < Vornlicious> | Stoat stats even! |
| 14:50 | <&[R]> | Stoats? |
| 14:51 | < Vornlicious> | Reiver hooked her up with me for help designing a statistical algorithm and we met here |
| 14:51 | <&ToxicFrog> | Mustela erminea, aka the short-tailed weasel. |
| 14:51 | < Vornlicious> | She's a biologist. |
| 14:51 | <&ToxicFrog> | They're adorable, super soft and pettable, and highly invasive. |
| 14:51 | < Vornlicious> | Or was; I don't know what she's up to nowadays. |
| 14:52 | <&[R]> | Interesting |
| 14:52 | < Vornlicious> | Our algorithm was given the name "stoatburger". |
| 14:53 | <&ToxicFrog> | I provided some help with ingesting the stoatburger output and generating figures from it with postscript. |
| 14:53 | < Vornlicious> | (because it dealt in fractional quantities of stoat sometimes) |
| 14:54 | < Vornlicious> | I was not a good programmer then and so did not check to see if the permutation algorithm was already in Python somewhere. |
| 14:56 | <&ToxicFrog> | And it looks like I still have ~/devel/stoatburgers. |
| 14:56 | < Vornlicious> | Man |
| 14:59 | < Vornlicious> | (this came up because I got vash some Python books for Christmas and she was worried that her noob questions would not be welcome here. I then told her that I made the channel specifically for noob questions. She was surprised that I made the channel) |
| 15:01 | | mode/#code [+o ErikMesoy] by ChanServ |
| 15:02 | <&ToxicFrog> | noob questions are fun |
| 15:02 | < Vornlicious> | Noob questions are the best questions. |
| 15:03 | <&[R]> | Unless the noob is very adamant about not unwrapping their XY question |
| 15:04 | < Vornlicious> | Yes. |
| 15:08 | | Kindamoody [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has quit [Connection reset by peer] |
| 15:08 | | Kindamoody [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has joined #code |
| 15:08 | | mode/#code [+o Kindamoody] by ChanServ |
| 15:17 | | Vornlicious [Vorn@Nightstar-hus3ac.sub-174-210-12.myvzw.com] has quit [Connection closed] |
| 15:17 | | Vorntastic [Vorn@Nightstar-1l3nul.res.rr.com] has joined #code |
| 15:21 | | Vornicus [Vorn@Nightstar-1l3nul.res.rr.com] has joined #code |
| 15:21 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
| 15:31 | | Kizor [moryok@Nightstar-e0a4sm.utu.fi] has joined #code |
| 15:31 | | Kindamoody is now known as Kindamoody|afk |
| 15:51 | | Vornlicious [Vorn@Nightstar-hus3ac.sub-174-210-12.myvzw.com] has joined #code |
| 15:54 | | Vorntastic [Vorn@Nightstar-1l3nul.res.rr.com] has quit [Ping timeout: 121 seconds] |
| 16:57 | | macdjord [macdjord@Nightstar-1pm.q8g.227.99.IP] has quit [[NS] Quit: Wenn ist das Nunstück git und Slotermeyer? Ja! Beiherhund das Oder die Flipperwaldt gersput!] |
| 17:06 | | macdjord [macdjord@Nightstar-ahbhn1.cable.rogers.com] has joined #code |
| 17:06 | | mode/#code [+o macdjord] by ChanServ |
| 17:29 | | * Vornlicious tries to think of a bunch of things you can do in Python with like 100 lines of code |
| 17:33 | < Vornlicious> | I know I've done the MTG deck handler in 100 lines |
| 17:41 | <&[R]> | What's special about that? |
| 17:42 | < Vornlicious> | About what |
| 17:43 | < Vornlicious> | The goal here is to come up with small things for Vash to try doing |
| 17:44 | <&[R]> | "The MtG deck handler" implies there was something more complicated than simply doing a shuffle of an array |
| 17:49 | < Vornlicious> | It also had repl stuff and a variety of tools including peek and search |
| 18:41 | <&[R]> | <bls> and there are people saying to lay off Intel, it's not their fault. security should be the OS's responsibility |
| 18:44 | | Vornlicious [Vorn@Nightstar-hus3ac.sub-174-210-12.myvzw.com] has quit [[NS] Quit: Bye] |
| 18:44 | | Vorntastic [Vorn@Nightstar-1l3nul.res.rr.com] has joined #code |
| 18:47 | <~Vornicus> | those people are idiots |
| 18:54 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has joined #code |
| 19:08 | <&ToxicFrog> | brb, designing a processor that's actually just a NIC that sends all the opcodes to the NSA for execution. It's cool, the OS can work around it in software. |
| 19:08 | <@Tamber> | XD |
| 19:09 | <@Tamber> | Then combining that with a network card that runs packet-inspection onboard? |
| 19:20 | | Jessikat` [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has joined #code |
| 19:20 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has quit [Connection closed] |
| 19:24 | | Jessikat` [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has quit [Ping timeout: 121 seconds] |
| 19:39 | | Vornlicious [Vorn@Nightstar-hus3ac.sub-174-210-12.myvzw.com] has joined #code |
| 19:41 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has joined #code |
| 19:43 | | Vorntastic [Vorn@Nightstar-1l3nul.res.rr.com] has quit [Ping timeout: 121 seconds] |
| 20:15 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has quit [Connection closed] |
| 20:15 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has joined #code |
| 20:16 | | gnolam [lenin@Nightstar-ego6cb.cust.bahnhof.se] has quit [[NS] Quit: Reboot] |
| 20:17 | | gnolam [lenin@Nightstar-ego6cb.cust.bahnhof.se] has joined #code |
| 20:17 | | mode/#code [+o gnolam] by ChanServ |
| 20:20 | | Tamber_ [tamber@new.furryhelix.co.uk] has joined #code |
| 20:24 | | Tamber [tamber@furryhelix.co.uk] has quit [[NS] Quit: ~~+++~~ATH] |
| 20:25 | | Tamber_ is now known as Tamber |
| 20:25 | | mode/#code [+o Tamber] by ChanServ |
| 20:26 | | Jessikat` [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has joined #code |
| 20:26 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has quit [Connection closed] |
| 20:38 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has joined #code |
| 20:38 | | Jessikat` [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has quit [Connection closed] |
| 20:53 | | Degi [Degi@Nightstar-fp79ro.dyn.telefonica.de] has joined #code |
| 21:03 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has joined #code |
| 21:03 | | mode/#code [+ao McMartin McMartin] by ChanServ |
| 21:30 | | Jessikat` [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has joined #code |
| 21:31 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has quit [Connection closed] |
| 21:35 | <&McMartin> | "Who called it anxiety and not speculative emotional execution" |
| 21:36 | | himi [sjjf@Nightstar-v37cpe.internode.on.net] has quit [Ping timeout: 121 seconds] |
| 21:37 | <@gnolam> | :D |
| 21:38 | <&McMartin> | Speaking of, time to actually patch this machine's kernel. |
| 21:39 | | Jessikat` [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has quit [Connection closed] |
| 21:40 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has joined #code |
| 21:47 | | Vornlicious [Vorn@Nightstar-hus3ac.sub-174-210-12.myvzw.com] has quit [Connection closed] |
| 21:47 | | Vorntastic [Vorn@Nightstar-1l3nul.res.rr.com] has joined #code |
| 21:48 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has quit [Connection closed] |
| 21:50 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has joined #code |
| 21:50 | < Degi> | Argh windows update refuses to install the monthly security patches, guess it's debian time. |
| 21:53 | | Jessikat [Jessikat@Nightstar-our0up.cpe.teksavvy.com] has quit [[NS] Quit: Bye] |
| 21:54 | <&[R]> | ... |
| 21:54 | <&[R]> | I'll trade you Windows installs |
| 21:56 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has quit [[NS] Quit: anti-Meltdown patch] |
| 21:57 | < Degi> | Idk if you want that, since it's win 7 and other stuff. |
| 21:57 | <&[R]> | I just want a lack of excessive reboots |
| 21:57 | < Degi> | Oh mine doesn't automatically reboot and barely any updates for some reason. |
| 21:58 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has joined #code |
| 21:58 | | mode/#code [+ao McMartin McMartin] by ChanServ |
| 21:58 | < Degi> | Anyways I'm off now trying to fix stuff |
| 21:59 | | Degi [Degi@Nightstar-fp79ro.dyn.telefonica.de] has quit [Connection reset by peer] |
| 22:00 | | Degi [Degi@Nightstar-fp79ro.dyn.telefonica.de] has joined #code |
| 22:03 | | Degi [Degi@Nightstar-fp79ro.dyn.telefonica.de] has quit [Connection closed] |
| 22:09 | | Kindamoody|afk is now known as Kindamoody |
| 22:18 | | Vash [Vash@Nightstar-1l3nul.res.rr.com] has joined #code |
| 22:22 | | Vash is now known as Vashicus |
| 22:22 | | Vashicus is now known as Vashtastic |
| 22:25 | | Vashtastic is now known as Vash |
| 22:38 | | Vornicus [Vorn@Nightstar-1l3nul.res.rr.com] has quit [Ping timeout: 121 seconds] |
| 22:43 | <&[R]> | <ius> https://www.theverge.com/2018/1/4/16850776/intel-meltdown-spectre-security-patch-immune-response |
| 22:43 | <&[R]> | <ius> Intel says everything's fine, we can all relax |
| 22:44 | <&McMartin> | Bluntly, the Internet has been overselling the threat level on it, though the pages dedicated to meltdown and spectre don't. |
| 22:45 | <&McMartin> | That also said, I don't buy the line on immunity to spectre |
| 22:45 | <&McMartin> | Meltdown, maybe, just make syscalls more expensive because we've learned that optimizing those is inherently unsafe~ |
| 22:46 | <&McMartin> | Spectre seems like it's an entire class of side-channel attacks that means any software that isn't intentionally defending against it will be vulnerable to it. |
| 22:47 | <&McMartin> | (Obviously the solution is to bring back m68k support for Linux) |
| 22:48 | <&[R]> | m68k? |
| 22:48 | <&McMartin> | The Motorola 680x0 series |
| 22:49 | <&McMartin> | Which Debian kept packages for for a rather long time |
| 22:50 | <&[R]> | When was the last CPU that used that made? |
| 22:50 | <&[R]> | Also why would m68k be any help here? Spectre seems to affect all CPUs |
| 22:51 | <&McMartin> | all CPUs that do out of order execution |
| 22:51 | <&McMartin> | That's the most recent chip I can think of that (a) definitely had Linux support and (b) didn't have OOE |
| 22:52 | <&[R]> | Ah |
| 22:52 | <&McMartin> | ... though now that I think about it, maybe MIPS didn't/doesn't? |
| 22:57 | <&McMartin> | Also, from the same site as the link that kicked this off: Google seems relatively confident too, at least |
| 22:57 | <&McMartin> | https://www.theverge.com/2018/1/4/16851132/meltdown-spectre-google-cpu-patch-performance-slowdown |
| 22:57 | <&McMartin> | I'm going to be very curious to see what these mitigations end up involving. |
| 22:59 | | Degi [Degi@Nightstar-fp79ro.dyn.telefonica.de] has joined #code |
| 23:08 | <@TheWatcher> | I miss the m68k, it was a nice processor to work with... |
| 23:08 | <&McMartin> | I actually do have its binutils on this Linux system :D |
| 23:10 | <&McMartin> | Hmm. This guy thinks that branch prediction + cache is all that's needed, not true superscalar. I suspect the later m68ks had that too. https://twitter.com/rygorous/status/948872695004905477 |
| 23:10 | <&McMartin> | Zilog Z80 and WDC 65816 for everyone, I guess |
| 23:14 | <@TheWatcher> | whoo! |
| 23:14 | <&McMartin> | Both companies are even still in business and selling products! |
| 23:14 | <&McMartin> | Also, what, what weak sauce is this |
| 23:14 | <&McMartin> | " The primary ramification of Variant 1 is that it is difficult for a system to run untrusted code within a process and restrict what memory within the process the untrusted code can access. |
| 23:15 | <&McMartin> | Hey guys, maybe run untrusted code in, i dunno, its own process with fewer permissions because it is untrusted |
| 23:21 | <&[R]> | <[R]> " two Google engineers described a novel chip-level patch that has been deployed across the company’s entire infrastructure" from the opening |
| 23:21 | <&[R]> | <[> yeah that's incorrect |
| 23:21 | <&[R]> | <[> afaik |
| 23:21 | <&[R]> | <[R]> Actually yeah, it'd be weird for Google to be shipping microcode, since that's what it'd be right? |
| 23:21 | <&[R]> | <[> yeah |
| 23:22 | <&McMartin> | I believe this is what they're referring to, and it looks like an application-level binary transform that defeats the branch-predictor attack. https://support.google.com/faqs/answer/7625886 |
| 23:22 | <&[R]> | So it's not a recompile, but some kind of binary alteration (like strip)? |
| 23:23 | <&McMartin> | Seems like. |
| 23:23 | <&McMartin> | And now I think I've found what led them to think Google was shipping microcode |
| 23:23 | <&McMartin> | https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html |
| 23:23 | <&McMartin> | "Mitigating this attack variant requires either installing and enabling a CPU microcode update from the CPU vendor (e.g., Intel's IBRS microcode), or applying a software mitigation (e.g., Google's Retpoline) to the hypervisor, operating system kernel, system programs and libraries, and user applications." |
| 23:23 | <&McMartin> | Someone read that sentence too fast. |
| 23:25 | <&McMartin> | Warning: all of this is about the branch-predictor Spectre variant ("Variant 2") which is the one that I really do not understand at all |
| 23:28 | | * [R] wonders if GCC/CLANG will eventually have retopoline flags on their linkers |
| 23:28 | <&[R]> | <[> also, i'm pretty sure its a recompile bc it talks about fixed in the generated code via compilers |
| 23:28 | <&[R]> | <[> llvm and gcc |
| 23:29 | <&McMartin> | Okay |
| 23:29 | <&McMartin> | That also matches ARM's statements |
| 23:29 | <&[R]> | Which ones? |
| 23:30 | <&McMartin> | https://developer.arm.com/support/security-update/compiler-support-for-mitigations |
| 23:30 | <&McMartin> | Sorry, had to do some digging to find the right stuff. It's been updated, so the answer is p. much "yep, they're working with gcc and clang/llvm" |
| 23:31 | | Emmy [Emmy@Nightstar-9p7hb1.direct-adsl.nl] has quit [Connection reset by peer] |
| 23:31 | <&McMartin> | This looks like Variant 1, though, not 2. |
| 23:31 | <&McMartin> | Since it's talking about memory loads |
| 23:32 | | himi [sjjf@Nightstar-dm0.2ni.203.150.IP] has joined #code |
| 23:32 | | mode/#code [+o himi] by ChanServ |
| 23:33 | | [ [art@Nightstar-lbl.59v.61.68.IP] has joined #code |
| 23:35 | | Degi_ [Degi@Nightstar-5rb14m.dyn.telefonica.de] has joined #code |
| 23:38 | | Degi [Degi@Nightstar-fp79ro.dyn.telefonica.de] has quit [Ping timeout: 121 seconds] |
| 23:38 | | Degi_ is now known as Degi |
| 23:40 | | Kindamoody is now known as Kindamoody[zZz] |
| 23:41 | <&McMartin> | R: Out of curiosity, which channel are you quoting there? |
| 23:41 | <&McMartin> | (if it's a public one) |
| 23:44 | < [> | me |
| 23:44 | < [> | also hi :> |
| 23:44 | <&McMartin> | Hello! |
| 23:44 | < [> | it's #smemp on beyondirc |
| 23:44 | < [> | a graveyard of a starcraft modding community |
| 23:44 | <&McMartin> | I'm inclined to consider that "private" ;-) |
| 23:44 | < [> | lol |
| 23:46 | < [> | i know about as much as you re: the two exploits, but [r] kept relaying chat, so i figured i'd find out where it was coming from |
| 23:46 | <&McMartin> | Good stuff |
| 23:47 | <&McMartin> | I should probably be working on un-shitting-up this old C++ templated code, but I've been multitasking |
| 23:47 | < [> | what kind of work do you do? |
| 23:47 | <&McMartin> | This is normally a pretty low-traffic channel, but quality's high, so welcome if you do stick around |
| 23:47 | <&McMartin> | Professionally, these days, system-level code for iOS apps |
| 23:47 | <&McMartin> | Hobbywise, retrocoding for 8-bit machines, mostly in asm |
| 23:48 | < [> | thx |
| 23:48 | <&McMartin> | Said shitty C++ template code is by every programmer's worst enemy: THEIR OWN PAST SELF |
| 23:48 | < [> | nice, what kind of machines? |
| 23:48 | <@TheWatcher> | Damn those past selves. |
| 23:49 | <&McMartin> | Mostly C64, with branches out into similar chips like NES and Atari 2600... |
| 23:49 | <&McMartin> | ... last year I picked up the Z80 and did some work with the ZX81 and Spectrum... |
| 23:49 | < [> | have you seen the super nt or the nt mini? snes and nes rebuilt from scratch in fpga |
| 23:49 | <&McMartin> | ... and I grew up on DOS and still dabble in that a little thanks to DOSbox |
| 23:49 | < [> | i keep trying to convince myself to spend the $200 on the new snes one |
| 23:49 | <&McMartin> | Haven't seen the devices; weirdly I missed most of the 16-bit era |
| 23:49 | <&McMartin> | Unless you count early-90s DOS, which I kinda don't |
| 23:49 | < [> | https://www.analogue.co/pages/store/ |
| 23:50 | <&McMartin> | My plan for 2018 is to write some stuff that'll run on Game Boy and Sega Genesis/MegaDrive |
| 23:50 | < [> | game or other? |
| 23:50 | <&McMartin> | GB is *almost* Z80, so that's cruising along |
| 23:50 | <&McMartin> | Starting with just "does something interesting" |
| 23:50 | <&McMartin> | I have a couple game ideas but I'd want to prototype them in something that devs faster first |
| 23:51 | < [> | i once hand ported some gba code to c in order to decompress some resources in advance wars to use in my own modern clone |
| 23:51 | <&McMartin> | Thinking doing a Life automaton |
| 23:51 | < [> | that was my first look at z80? asm |
| 23:51 | <&McMartin> | Yeah, GBA (even GB, really) are way more amenable to just working in C |
| 23:51 | <&McMartin> | GBA was ARM. |
| 23:51 | < [> | ah |
| 23:52 | < [> | guess it wasn't my first look at that asm then, i did some arm in a college class |
| 23:52 | | Degi [Degi@Nightstar-5rb14m.dyn.telefonica.de] has quit [Connection reset by peer] |
| 23:52 | <&McMartin> | GB/GBC is a wacky custom chip by Sharp that's about half a Z80 with some extra stuff |
| 23:52 | < [> | oh ok, it might have been that then. |
| 23:52 | <&McMartin> | Genesis is an Motorola 68000 with a Z80 coprocessor |
| 23:52 | <&McMartin> | I've never touched m68k, but the binutils are still in all the repos, so that's an assembler and linker handy off the bat |
| 23:53 | <&McMartin> | binutils assemblers tend to be hot garbage though |
| 23:53 | < [> | lol |
| 23:53 | <&McMartin> | Designed to consume code that's easy for a compiler to generate and usually very little else |
| 23:54 | <&McMartin> | the linkers and objcopy implementations are usually really nice though |
| 23:56 | < [> | does anybody here code angular and/or typescript? |
| 23:57 | | Degi [Degi@Nightstar-5rb14m.dyn.telefonica.de] has joined #code |
| 23:57 | <&McMartin> | I don't, but others might |
| --- Log closed Fri Jan 05 00:00:00 2018 |