[ adding Arjan ] On Tue, Jan 30, 2018 at 11:38 AM, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote: [..] > Anyway, I do think the patches I've seen so far are ok, and the real > reason I'm writing this email is actually more about future patches: > do we have a good handle on where these array index sanitations will > be needed? > > Also, while array limit checking was obviously the official > "spectre-v1" issue, I do wonder if there are possible other issues > where mispredicted conditional branches can end up leaking > information? > > IOW, is there some work on tooling/analysis/similar? Not asking for > near-term, but more of a "big picture" question.. > > Linus
