>On 01/04/2018 10:09 PM, Rob wrote: >> https://lwn.net/Articles/741878/ So for a DAW "There will be a nopti command-line option to disable this mechanism at boot time." Let alone that there might be easier to use targets for an attacker: [rocketmouse@archlinux ~]$ echo $(arch-audit -f "%n | " | sort) | sed s/.$// binutils | cairo | exiv2 | ffmpeg | ffmpeg2.8 | glibc | jasper | lame | lib32-glibc | lib32-openssl | libffi | libvorbis | linux | mkinitcpio-busybox | openssl | pcre | perl-xml-libxml | rsync | zziplib [rocketmouse@archlinux ~]$ arch-audit --upgradable --quiet lib32-openssl>=1:1.1.0.h-1 openssl>=1.1.0.h-1 perl-xml-libxml>=2.0130-1 For more information see https://security.archlinux.org/ . Let alone the risk of using the Ubuntu "universe" repository: "Canonical does not provide a guarantee of regular security updates for software in the universe component, but will provide these where they are made available by the community. Users should understand the risk inherent in using these packages." - https://help.ubuntu.com/community/Repositories#Universe It for example Ubuntu provides webkitgtk still for bionic: https://packages.ubuntu.com/bionic/libwebkitgtk-1.0-0 For more information see https://usn.ubuntu.com/usn/ . It makes me wonder that people care about performance issues by something that could be disabled and that isn't needed for a DAW at all. If the DAW is used for something else, simply reboot without disabling. But again, many users don't care about all the vulnerability caused by using the Ubuntu "universe" repository, so booting with nopti seems to be the last to worry about. Btw. using a pulseaudio bridge when running jackd might cause real-time issues, too. In short, it's hysteric to decide against an Intel CPU in favour of an AMD CPU, if the reason should be performance concerns regarding KPTI. _______________________________________________ Linux-audio-user mailing list Linux-audio-user@xxxxxxxxxxxxxxxxxxxx https://lists.linuxaudio.org/listinfo/linux-audio-user
