On Wed, Sep 12, 2018 at 8:48 PM Wes Turner wrote:
> Should C extensions that compile all add
> `-mindirect-branch=thunk -mindirect-branch-register` [1] to mitigate the
> risk of Spectre variant 2 (which does indeed affect user space applications
> as well as kernels)?
>
Are those available on GC
On Wednesday, September 12, 2018, Joni Orponen
wrote:
> On Wed, Sep 12, 2018 at 8:48 PM Wes Turner wrote:
>
>> Should C extensions that compile all add
>> `-mindirect-branch=thunk -mindirect-branch-register` [1] to mitigate the
>> risk of Spectre variant 2 (which does indeed affect user space ap
"What is a retpoline and how does it work?"
https://stackoverflow.com/questions/48089426/what-is-a-retpoline-and-how-does-it-work
On Wednesday, September 12, 2018, Wes Turner wrote:
> On Wednesday, September 12, 2018, Joni Orponen
> wrote:
>
>> On Wed, Sep 12, 2018 at 8:48 PM Wes Turner wrote:
On Wed, Sep 12, 2018, 12:29 Joni Orponen wrote:
> On Wed, Sep 12, 2018 at 8:48 PM Wes Turner wrote:
>
>> Should C extensions that compile all add
>> `-mindirect-branch=thunk -mindirect-branch-register` [1] to mitigate the
>> risk of Spectre variant 2 (which does indeed affect user space applicat
Are all current Python builds and C extensions vulnerable to Spectre
variants {1, 2, *}?
There are now multiple threads:
"SEC: Spectre variant 2: GCC: -mindirect-branch=thunk
-mindirect-branch-register"
-
https://mail.python.org/mm3/archives/list/distutils-sig@python.org/thread/4BGE226DB5EWIAT5VC
echo 2 > /sys/kernel/debug/x86/ibrs_enabled
(Coss-posting to distutils-sig, as C extensions may be the most likely
abuse vector)
# Forwarded message
From: Wes Turner
Date: Mon, Sep 17, 2018 at 3:41 PM
Subject: Re: SEC: Spectre variant 2: GCC: -mindirect-branch=thunk
-mindirect-branch-register
C