Announcement

Collapse
No announcement yet.

Linux Kernel's BPF Fixed Up Against Spectre Vulnerability Bypass

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Developer12
    replied
    How in the world did they manage to address this? They're handing control to the BPF program, thus the verifier step, so it's not like it's practical to insert fences everywhere.

    Do they turn on IBRS and just leave it on or something? Does this only work for kernel-generated BPF programs? Does the verifier attempt to anticipate potential speculation and reject programs with potential issues? (wow that's a lot of false positives)

    Leave a comment:


  • Linux Kernel's BPF Fixed Up Against Spectre Vulnerability Bypass

    Phoronix: Linux Kernel's BPF Fixed Up Against Spectre Vulnerability Bypass

    With the latest mainline Git kernel as well as the newest stable point releases as of Wednesday, a Spectre issue with the kernel's BPF subsystem has been addressed...

    https://www.phoronix.com/scan.php?pa...-Spectre-33624
Working...
X