Agreed, this bullshit only matters at all if you have server farms on which you let loose random script kiddies, err... paying customers.
This stuff is useless as a way to break in anywhere and even extracting encryption keys and such only works in carefully prepared environments. When I tried the https://leaky.page demo I tried for way longer than is reasonable to make it work on my unpatched firmware/microcode + mitigations=off system but it just didn't happen.
Maybe a native program would work better, but maybe I just don't install malware like a Windows user from the 90's.
Linux Lands Mitigations For Spectre-BHB / BHI On Intel & Arm, Plus An AMD Change Too
-
Originally posted by asriel: One more useless evil mitigation for one more bullshit "vulnerability". Pray that Linus will keep the possibility to switch this crap off.
- Likes 1
-
Originally posted by bezirg: Why this sudden change of amd's spectre_v2? I thought that this new cpu vulnerability does not affect the amd side.
Code:
$ grep $ /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/itlb_multihit:Not affected
/sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
/sys/devices/system/cpu/vulnerabilities/mds:Not affected
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: usercopy/swapgs barriers and __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline, IBPB: conditional, STIBP: conditional, RSB filling
/sys/devices/system/cpu/vulnerabilities/srbds:Not affected
/sys/devices/system/cpu/vulnerabilities/tsx_async_abort:Not affected
- Likes 1
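For readers who want to triage the sysfs output shown in the post above, here is an added example (not part of the thread and not any poster's code) that groups each entry by the status prefix the kernel itself reports. The function names and the `example_issue` entry are constructed for illustration; the script only repeats what the kernel states and does not judge whether a listed mitigation is sufficient.

```shell
#!/bin/sh
# Classify "path:status" lines as printed by
#   grep . /sys/devices/system/cpu/vulnerabilities/*
# by the kernel's own status prefix.

classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;   # e.g. empty or unexpected text
    esac
}

# Reads "path:status" lines on stdin, prints "class<TAB>name<TAB>status".
audit_lines() {
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        path=${line%%:*}      # everything before the first colon
        status=${line#*:}     # everything after it (may contain more colons)
        name=${path##*/}
        printf '%s\t%s\t%s\n' "$(classify_status "$status")" "$name" "$status"
    done
}

# Counts report rows of class $1 (report on stdin).
count_class() {
    awk -F '\t' -v c="$1" '$1 == c { n++ } END { print n + 0 }'
}

# Audits a live system; the directory argument is optional.
audit_live() {
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    for f in "$dir"/*; do
        [ -r "$f" ] && printf '%s:%s\n' "$f" "$(cat "$f")"
    done | audit_lines
}

# Constructed sample: three lines copied from the post above plus one
# made-up "example_issue" entry to show the vulnerable case.
SAMPLE='/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline, IBPB: conditional, STIBP: conditional, RSB filling
/sys/devices/system/cpu/vulnerabilities/example_issue:Vulnerable'

printf '%s\n' "$SAMPLE" | audit_lines
```

On a real machine, call `audit_live` and pipe the report through `count_class vulnerable` to use it as a pass/fail check.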
-
One more useless evil mitigation for one more bullshit "vulnerability". Pray that Linus will keep the possibility to switch this crap off.
- Likes 3
-
Why this sudden change of amd's spectre_v2? I thought that this new cpu vulnerability does not affect the amd side.
-
Originally posted by CTTY: Do I understand it correctly, that systems saying `Full generic retpoline` in `/sys/devices/system/cpu/vulnerabilities/spectre_v2` are NOT vulnerable? (Since Full generic retpoline are applied)
-
Do I understand it correctly, that systems saying `Full generic retpoline` in `/sys/devices/system/cpu/vulnerabilities/spectre_v2` are NOT vulnerable? (Since Full generic retpoline are applied)
-
Originally posted by kylew77: Are any of the *BSDs affected? I looked it up and eBPF looks like a Linux specific feature.
- Likes 2
-
Originally posted by kylew77: eBPF looks like a Linux specific feature.
Edit: see under "So, is disabling unprivileged eBPF sufficient?" [0]
[0] https://www.vusec.net/projects/bhi-spectre-bhb/
Last edited by CTTY; 08 March 2022, 08:22 PM.
- Likes 2
-
Are any of the *BSDs affected? I looked it up and eBPF looks like a Linux specific feature.