From: Martin Vaeth <martin@mvath.de>
To: gentoo-user@lists.gentoo.org
Subject: [gentoo-user] Re: Spectre-NG
Date: Wed, 9 May 2018 18:18:08 +0000 (UTC) [thread overview]
Message-ID: <slrnpf6ev3.hum.martin@clover.invalid> (raw)
In-Reply-To: CAGfcS_=8kG9ugz9Zk6ZK0jDB6tgn0fx=CPVe2XtW_OvFRvf2SQ@mail.gmail.com
Rich Freeman <rich0@gentoo.org> wrote:
> On Tue, May 8, 2018 at 4:19 AM Martin Vaeth <martin@mvath.de> wrote:
>
>> Rich Freeman <rich0@gentoo.org> wrote:
>> >
>> > Higher-level languages will probably become nearly immune to Spectre
> just
>> > as most are nearly immune to buffer overflows.
>
>> Quite the opposite: Higher-level languages *always* do some checks
>> for array-length etc, and it is the _checks_ which are vulnerable.
>> You can only make them non-vulnerable by making them horribly slow
>> (by omitting speculative execution completely for the corresponding
>> conditionals).
>
> Sure, but my point is that you CAN make them non-vulnerable by changing the
> compiler.
Which would be the horribly slow case I mentioned above.
> On the other hand, if somebody manually does a range check in C the only
> way to fix it is to either fix the source code
If slowness is not the issue, one could fix the C compiler in the same way
by avoiding speculative exection for every conditional jump.
As mentioned, I wonder why gcc/clang do not yet support this
horribly slow but spectre-safe option. It can't be that hard to
implement in the actual code-producing back-end. Only possible
optimization of that code (catching unnecessary cases or
preferring alternative code-paths if there are two many bad
cases) might be tricky, but perhaps this could be postponed
in a first implementation: safety first.
next prev parent reply other threads:[~2018-05-09 18:20 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-07 11:15 [gentoo-user] Spectre-NG Mick
2018-05-07 11:45 ` Rich Freeman
2018-05-08 8:19 ` [gentoo-user] Spectre-NG Martin Vaeth
2018-05-08 20:15 ` Rich Freeman
2018-05-09 18:18 ` Martin Vaeth [this message]
2018-05-09 19:04 ` Wols Lists
2018-05-09 22:50 ` Ian Zimmerman
2018-05-10 13:35 ` Wol's lists
2018-05-10 16:52 ` Ian Zimmerman
2018-05-09 19:16 ` Rich Freeman
2018-05-10 5:34 ` Martin Vaeth
2018-05-10 13:58 ` Rich Freeman
2018-05-10 15:31 ` Martin Vaeth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=slrnpf6ev3.hum.martin@clover.invalid \
--to=martin@mvath.de \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox