Gentoo Archives: gentoo-user

From: Mick <michaelkintzios@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Re: some spectre v1 code in 4.15.2
Date: Tue, 13 Feb 2018 09:49:10
Message-Id: 2978649.kESJtuDMFS@dell_xps
In Reply to: [gentoo-user] Re: some spectre v1 code in 4.15.2 by Nikos Chantziaras
On Tuesday, 13 February 2018 02:18:33 GMT Nikos Chantziaras wrote:
> On 13/02/18 03:31, Ian Zimmerman wrote: > > On 2018-02-13 03:13, Nikos Chantziaras wrote: > >> Apparently, and contrary to what people (me included) wrote here in > >> the past, BPF JIT is the secure option, and the interpreter is the > >> insecure one. > > > > Do you have a reference for this? It sounds strange indeed. > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i > d=290af86629b25ffd1ed6232c4e9107da031705cb > > "The BPF interpreter has been used as part of the spectre 2 attack > CVE-2017-5715. > [...] > To make attacker job harder introduce BPF_JIT_ALWAYS_ON config > option that removes interpreter from the kernel in favor of JIT-only mode."
Thanks for sharing this Nikos. Perhaps I'm reading the referenced post wrong. If the BPF interpreter has been used for spectre2, then disabling CONFIG_BPF_SYSCALL does away with it altogether, rather than turning it on and then setting BPF_JIT_ALWAYS_ON to guard against its inherent vulnerability by using JIT-only mode? Is there some overriding benefit of having BPF enabled at all in the first place? PS. I don't remotely assume I properly understand the BPF mechanism, I just want to test my understanding above. -- Regards, Mick

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-user] Re: some spectre v1 code in 4.15.2 mad.scientist.at.large@××××××××.com