On Thu, Feb 01, 2018 at 01:52:46PM -0800, Paul Rogers wrote:
> > If anybody wants to add full retpoline mitigation (against Spectre
> > v2) to an older system, the following works on x86_64 (I no longer
> > have i686 systems to test on).
>
> Thank you, Ken. I do. I can try it. I'll report back when I have
> information. I haven't seen any indications yet that the 4.4 & 4.9 kernel
> patches install PTI on i686 builds.
>
The i686 patches for that are still being developed, hopefully at
some point they might be ready for a 4.15-rc, and after that get
backported to 4.14 and perhaps to 4.9, 4.4 (depending on how has
changed). Best to read that as "in early development".
> Also, perhaps you can clarify: The latest kernel patches for 4.4 & 4.9 use
> retpoline. Clearly we *want* both, but I'm confused about whether each
> offers any mitigation on its own?
>
PTI offers mitigation against Meltdown, retpoline against Spectre
v2.
And by the time there are mitigations for Spectre v1 (currently,
considerations seem to be particularly focussed on cloud providers
with heterogenous environments, where a VM can be migrated to a
newer, or older, machine - but I guess the attacks are more likely
against VMs shared hosts).
So again, don't hold your breathe.
Looks like this will be a fun year, for some definition of fun.
ĸen
--
Truth, in front of her huge walk-in wardrobe, selected black leather
boots with stiletto heels for such a barefaced truth.
- Unseen Academicals
--
http://lists.linuxfromscratch.org/listinfo/lfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
Do not top post on this list.
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?
http://en.wikipedia.org/wiki/Posting_style
