Announcement

Collapse
No announcement yet.

Intel Developer's Patch To Let SECCOMP Processes Like Web Browsers Opt Out Of Spectre V4

Collapse
X
Collapse
 
  • Page of 2
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
  • #1

    Intel Developer's Patch To Let SECCOMP Processes Like Web Browsers Opt Out Of Spectre V4

    Phoronix: Intel Developer's Patch To Let SECCOMP Processes Like Web Browsers Opt Out Of Spectre V4

    Currently the Linux kernel SECCOMP secure computing mode force-enables Spectre protections, which comes with obvious performance implications. When force-enabled, however, processes can't opt-out of the protection if they are not at risk to the likes of Spectre V4 "Speculative Store Bypass" issues. But a simple change being proposed would let such processes opt out if desired...

    Intel Developer's Patch To Let SECCOMP Processes Like Web Browsers Opt Out Of Spectre V4 - Phoronix
    http://www.phoronix.com/scan.php?page=news_item&px=SECCOMP-Opt-Out-SSBD
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    Seen the home use of my notebook, I chose this solution.

    • Likes 1

    Comment

    • #3
      Patching Titanic? What a delusional company.
      • Likes 1

      Comment

      • #4
        Great idea, let processes opt out of mds mitigations. What could possibly go wrong......
        • Likes 6

        Comment

        • #5
          Originally posted by mhartzel View Post
          Great idea, let processes opt out of mds mitigations. What could possibly go wrong......
          Please, read the article. Or read it again if you already did.
          Last edited by ktecho; 13 March 2020, 11:17 AM.

          Comment

          • #6
            Originally posted by ktecho View Post

            Please, read the article. Or read it again if you already did.
            The article says they intend to do this because those processes run in a sandbox. My understanding of MDS is that doesn't matter. I'm with mhartzel.. Leave these on permanently.

            Comment

            • #7
              the first users are going to be malware and benchmarks
              • Likes 1

              Comment

              • #8
                That's rather funny, now processes may decide to what cpu bug they want to be vulnerable to. Great deal

                Comment

                • #9
                  Originally posted by Charlie68 View Post
                  Seen the home use of my notebook, I chose this solution.
                  Hackers want to know your location.

                  Comment

                  • #10
                    Originally posted by starshipeleven View Post
                    Hackers want to know your location.
                    Hi, on this notebook I don't have sensitive data, so I'm quite calm. I know very well that it's not a great idea and I don't do it on my main pc, but this notebook was born with a poor cpu, with all the security patches it's becoming embarrassing . 🙄

                    Comment

                    Previous 1 2 template Next
                    Working...
                    X