Search Linux Wireless

Re: [RFC PATCH 0/2] Branch Target Injection (BTI) gadget in minstrel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Oct 25, 2022 at 09:56:21PM +0200, Johannes Berg wrote:
On Tue, 2022-10-25 at 12:38 -0700, Pawan Gupta wrote:

> And how is sprinking random LFENCEs around better than running with
> spectre_v2=eibrs,retpoline which is the current recommended mitigation
> against all this IIRC (or even eibrs,lfence for lesser values of
> paranoia).

Its a trade-off between performance and spot fixing (hopefully handful
of) gadgets. Even the gadget in question here is not demonstrated to be
exploitable. If this scenario changes, polluting the kernel all over is
definitely not the right approach.

Btw, now I'm wondering - you were detecting these with the compiler
based something, could there be a compiler pass to insert appropriate
things, perhaps as a gcc plugin or something?

I hear it could be a lot of work for gcc. I am not sure if its worth
especially when we can't establish the exploitability of these gadgets.
There are some other challenges like, hot-path sites would prefer to
mask the indexes instead of using a speculation barrier for performance
reasons. I assume adding this intelligence to compilers would be
extremely hard. Also hardware controls and features in newer processors
will make the software mitigations redundant.



[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Wireless Regulations]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux