|
version 1.28, 2018/05/04 07:34:51
|
version 1.29, 2018/05/22 07:27:25
|
|
Line 92 riscv |(Spec.) |Not vulnerable | | |
|
Line 92 riscv |(Spec.) |Not vulnerable | | |
|
| |ARM (others) |Not vulnerable | | | |
|ARM (others) |Not vulnerable | | | |
| """]] |
"""]] |
| |
|
| |
## Spectre Variant 4 |
| |
|
| |
[[!table data=""" |
| |
Port |Vendor/Model |Spectre (V4) |NetBSD-7 |NetBSD-8 |NetBSD-current |
| |
amd64 |Intel |Vulnerable |Not fixed |Not fixed |Fixed [MitigE] |
| |
amd64 |AMD |Unknown | | | |
| |
amd64 |VIA |Unknown | | | |
| |
i386 |Intel |Vulnerable |Not fixed |Not fixed |Fixed [MitigE] |
| |
i386 |AMD |Unknown | | | |
| |
i386 |VIA |Unknown | | | |
| |
"""]] |
| |
|
| ## Mitigations |
## Mitigations |
| |
|
| ### Mitigation A: SVS |
### Mitigation A: SVS |
|
Line 118 automatically. It can be dynamically dis
|
Line 130 automatically. It can be dynamically dis
|
| SpectreV2 is mitigated in the kernel with the GCC "retpoline" compilation |
SpectreV2 is mitigated in the kernel with the GCC "retpoline" compilation |
| flag, which is enabled by default in GENERIC. |
flag, which is enabled by default in GENERIC. |
| |
|
| |
### Mitigation E: Intel SSBD |
| |
|
| |
SpectreV4 can be mitigated with the SSBD method (Intel only for now). It |
| |
can be dynamically enabled by changing the "machdep.spectre_v4.mitigated" |
| |
sysctl. |
| |
|
| ## External Resources |
## External Resources |
| |
|
| * [MIPS Blog Post](https://www.mips.com/blog/mips-response-on-speculative-execution-and-side-channel-vulnerabilities/) |
* [MIPS Blog Post](https://www.mips.com/blog/mips-response-on-speculative-execution-and-side-channel-vulnerabilities/) |
![[BACK]](/icons/back.gif){kind=icon}
Return to meltdown_spectre.mdwn CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [NetBSD Developer Wiki] / wikisrc / security