Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 24 Jul 2018 11:53:45 -0400
From:      Rick Miller <vrwmiller@gmail.com>
To:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   FreeBSD, LLVM, and Spectre-v1
Message-ID:  <CAHzLAVEZt7pcQoKViP--wN7XysvpUdkctM8BSM7=Ggj5DObE4A@mail.gmail.com>

Next in thread | Raw E-Mail | Index | Archive | Help
Hi all,

The "Speculative Load Hardening" design[1] proposed to mitigate Spectre-v1
through a compiler-based approach in LLVM describes a limitation of this
approach to the problem as it "requires re-compiling source code to insert
hardening instruction sequences. Only software compiled in this mode is
protected".

In the context of FreeBSD, does this also apply to userland and Ports? The
above point seems to imply Ports or other software not built with this
toolchain will remain vulnerable. Or perhaps, by virtue of of the OS being
built using an updated compiler, will userland and Ports inherently be
protected?

[1]
https://docs.google.com/document/d/1wwcfv3UV9ZnZVcGiGuoITT_61e_Ko3TmoCS3uXLcJR0

-- 
Take care
Rick Miller



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?CAHzLAVEZt7pcQoKViP--wN7XysvpUdkctM8BSM7=Ggj5DObE4A>