On Fri, 20 Jul 2018 11:24:57 +0200, David Kastrup wrote:
>So the idea to take this into low-latency realms with a view on
>realtime effects seems a bit optimistic indeed.
;)
On Thu, 19 Jul 2018 22:52:45 -1000, _another_ david wrote:
>I first tried it with 4.13.x and decided that items like random
>kernel panios, system freezes and crashes weren't very good ways to
>defend against Spectre/Meltdown/DOS. ;)
Actually freezes and crashes do defend against attacks :D. But you are
right, for Claws and Firefox I'm experiencing way to often serious
issues and for virtualbox at least way to often an annoyance for an
unexplained reason.
I at least should test using it with PTI disabled.
The current default on my machine is:
[rocketmouse@archlinux ~]$ ls -hAl /sys/devices/system/cpu/vulnerabilities/; cat /sys/devices/system/cpu/vulnerabilities/*
total 0
-r--r--r-- 1 root root 4.0K Jul 20 10:12 meltdown
-r--r--r-- 1 root root 4.0K Jul 20 10:12 spec_store_bypass
-r--r--r-- 1 root root 4.0K Jul 20 10:12 spectre_v1
-r--r--r-- 1 root root 4.0K Jul 20 10:12 spectre_v2
Mitigation: PTI
Vulnerable
Mitigation: __user pointer sanitization
Mitigation: Full generic retpoline, IBPB, IBRS_FW
'nopti' only would disable PTI, but keep the spectre mitigations. While
PTI is part of the kernel, the spectre mitigations are likely part
of the µcode. However, if I would run my CPU without the µcode, I
perhaps would get rid of the spectre mitigation, but IIRC I
unfortunately would get rid of TSC, too.
_______________________________________________
Linux-audio-user mailing list
Linux-audio-user@lists.linuxaudio.org
https://lists.linuxaudio.org/listinfo/linux-audio-user
Received on Fri Jul 20 16:15:02 2018
This archive was generated by hypermail 2.1.8 : Fri Jul 20 2018 - 16:15:03 EEST