On Apr 7, 2022, at 09:57:35, Ed Jaffe wrote: > > On 4/7/2022 8:07 AM, Tony Harminc wrote: >> >> It appears that, like the zArch implementation, Intel's requires >> programs to provide an alternative path around TSX. > > z/Architecture does *not* require an alternative path around TBEGINC/TEND. > How, then, does z/Architecture defend against such as Spectre? Does it balance paths so all exhibit the worst-case timing?
Vague recollections from unreliable sources: o Spectre on an unprotected system reads fetch-protected storage At about 1000 bits/second. o Javascript combats Spectre by fuzzing the real time clock. O [Some] kernels combat Spectre by relocating sensitive buffers frequently and randomly. -- gil
