|
|
Subscribe / Log in / New account

The challenge of compiling for verified architectures

The challenge of compiling for verified architectures

Posted Oct 8, 2023 9:57 UTC (Sun) by roc (subscriber, #30627)
In reply to: The challenge of compiling for verified architectures by ibukanov
Parent article: The challenge of compiling for verified architectures

Looks to me like Wasmtime is still "hoping for reliable practical protection against SPECTRE and friends".
https://bytecodealliance.org/articles/security-and-correc...

I still think this is a poor way to draw a line between "sandbox" and "verifier". If Spectre vulnerabilities are found in eBPF will it cease to be a verifier and become a sandbox? That doesn't make sense to me.

to post comments

The challenge of compiling for verified architectures

Posted Oct 8, 2023 12:57 UTC (Sun) by ibukanov (subscriber, #3942) [Link]

Presently all found speculation bugs have been promptly addressed in BPF while Wasm implementations continue to hope. Yes, this difference is poorly defined and probably cannot be formalized. Yet it is clear that it is affected by the nature of checks that has to be done at runtime.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds