Tweet
Originally posted by arjan_intel
View Post
-
Spectre is not so much a product of indirect branch prediction as it is return-oriented programming. The patches provide intrinsics you can use to mark the vulnerable code gadget (eg. a for-loop with the control variable subject to outside modification) so that the TLB gets flushed at the appropriate place. -
It emits code that is never executed for real, but when speculatively executed results in an infinite loop. This makes sure that sensitive data does not end up inside the CPU cache.Originally posted by caligula View PostComment
-
These stories about spectre/meltdown + gcc/llvm/kernel/microcode have been great!Comment
-
I have not been following the happenings in the Windows world. Are you saying that Intel introduced some special/secret instructions with a microcode update to help Windows? Can I have a link to a source about this? Sounds interesting, I want to read about it.Originally posted by numacross View PostComment
-
-
Microsoft has introduced mitigations for both Meltdown and Spectre. For client versions of Windows they are turned on by default. For server they have to be forced-on (https://support.microsoft.com/en-gb/...tive-execution). In the same article there's a PowerShell module for checking current status of the OS.Originally posted by tajjada View Post
For physical hosts Spectre variant 2 patch is only activated when there's a new microcode update loaded by BIOS. Loading it after the system starts or during boot (for example with the VMware micrcode driver) will not make it active.
What is more there's a similar tool for Linux (https://raw.githubusercontent.com/sp...own-checker.sh) that checks mitigations for all variants and it checks for speculation control instructions in the microcode.
Comment
Comment