The PA6T is still vulnerable

[Olof Johansson]

On Wed, Dec 29, 2021 at 8:07 AM Christian Zigotzky
<chzigotzky at xenosoft.de> wrote:
>
> Hi All,
>
> The P.A. Semi PA6T is still vulnerable.
>
> Architecture:                    ppc64
> CPU op-mode(s):                  32-bit, 64-bit
> Byte Order:                      Big Endian
> CPU(s):                          2
> On-line CPU(s) list:             0,1
> Thread(s) per core:              1
> Core(s) per socket:              2
> Socket(s):                       1
> Model:                           1.2 (pvr 0090 0102)
> Model name:                      PA6T, altivec supported
> L1d cache:                       128 KiB
> L1i cache:                       128 KiB
> Vulnerability Itlb multihit:     Not affected
> Vulnerability L1tf:              Vulnerable
> Vulnerability Mds:               Not affected
> Vulnerability Meltdown:          Vulnerable
> Vulnerability Spec store bypass: Vulnerable
> Vulnerability Spectre v1:        Mitigation; __user pointer sanitization
> Vulnerability Spectre v2:        Vulnerable
> Vulnerability Srbds:             Not affected
> Vulnerability Tsx async abort:   Not affected
>
> Could you please check this issue?

I'm not sure where you are directing this inquiry, you sent it to: me
and the mailing list. So, just in case there's any expectation of a
response:

I'm not able to spend time investigating side channel exposures on
PA6T, the platform is unsupported and best-effort on spare time (of
which I don't have enough). I don't have hardware set up to test it at
the moment.

While enabling some of the powerpc shared mitigations wouldn't be a
lot of work (cache flushes, etc), I expect them to have performance
impact that needs some effort to measure/investigate.

Have you confirmed that the published exploits are reproducible on the platform?


-Olof