Meltdown/Spectre mitigation for 4.15 and beyond
Meltdown/Spectre mitigation for 4.15 and beyond
Posted Jan 15, 2018 22:55 UTC (Mon) by roc (subscriber, #30627)Parent article: Meltdown/Spectre mitigation for 4.15 and beyond
Isn't this an overstatement considering that thoroughly protecting the kernel against Spectre variant 1 requires using the new array-index macro everywhere it's needed, and no-one actually knows yet how to determine where it's needed?
Another source of confusion is that some people will interpret the above statement to mean that userspace is protected when running on the right kernel, when that is definitely not the case. This is similar to how the cloud providers quickly announced "we've fixed everything in our cloud!" when in fact they only fixed specific hypervisor-related issues and customers still have a ton of work to do.
Posted Jan 15, 2018 23:39 UTC (Mon)
by pbonzini (subscriber, #60935)
[Link]
Posted Jan 16, 2018 0:18 UTC (Tue)
by corbet (editor, #1)
[Link] (1 responses)
Posted Jan 16, 2018 2:20 UTC (Tue)
by roc (subscriber, #30627)
[Link]
Meltdown/Spectre mitigation for 4.15 and beyond
Yeah, OK, that probably wasn't the best thing I ever wrote. In my poor defense I'll say that I was awfully tired by the time I got to the end of all that stuff...
Meltdown/Spectre mitigation for 4.15 and beyond
Meltdown/Spectre mitigation for 4.15 and beyond