On Saturday, February 24, 2018 at 3:10:53 PM UTC-5, jean-pierre.muench wrote: > > Hey Jeff, > > from what I understand when it comes to Spectre, it needs mitigations at > the assembly level (I think it needs an lfence instruction in front of > vulnerable branch instructions). > > ... > If this interpretation of how the compiler handles external assembly is > correct, then we'd have to provide our own Spectre and Meltdown > mitigations for our assembly code. Of course, I don't know exactly what > extra instructions are needed at what locations. >
Yeah, from what I have seen of the Reptoline remdiations that sounds about right. It puts security libraries in an uncomfortable position. Jeff -- You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
