Hi Filip, Thank you for writing the nice article. https://webkit.org/blog/8048/what-spectre-and-meltdown-mean-for-webkit/
I have a question. What's the reason why the patch (5) isn't shipped yet? On Sat, Jan 6, 2018 at 4:37 AM, Filip Pizlo <[email protected]> wrote: > Here is what else is in trunk: > > - index masking > - pointer poisoning > > I’m going to write up what our thoughts are shortly. :-) For now feel free > to browse the code with those two hints. > > -Filip > > > On Jan 5, 2018, at 8:31 AM, Konstantin Tokarev <[email protected]> wrote: > > > > Hi, > > Here's a collection of blog posts from other major browser vendors > regarding the Meltdown and Spectre attacks: > > https://blogs.windows.com/msedgedev/2018/01/03/speculative-execution-mitigations-microsoft-edge-internet-explorer/ > > https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/ > > https://sites.google.com/a/chromium.org/dev/Home/chromium-security/ssca > > Notably, Edge and Firefox are reducing the resolution of > performance.now(), and all three are disabling SharedArrayBuffer. > > This is just a heads-up. > > > Seems like both mitigations are already present in trunk > > > Michael > > _______________________________________________ > webkit-dev mailing list > [email protected] > https://lists.webkit.org/mailman/listinfo/webkit-dev > > -- > Regards, > Konstantin > _______________________________________________ > webkit-dev mailing list > [email protected] > https://lists.webkit.org/mailman/listinfo/webkit-dev > > > > _______________________________________________ > webkit-dev mailing list > [email protected] > https://lists.webkit.org/mailman/listinfo/webkit-dev > _______________________________________________ webkit-dev mailing list [email protected] https://lists.webkit.org/mailman/listinfo/webkit-dev
