Re: Intel i7-1165G7 vulnerable to Spectre v2

help-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Intel i7-1165G7 vulnerable to Spectre v2

From:	Tobias Geerinckx-Rice
Subject:	Re: Intel i7-1165G7 vulnerable to Spectre v2
Date:	Wed, 01 Feb 2023 16:58:30 +0100

Christian Gelinek 写道：

Spectre v2: Vulnerable: eIBRS with unprivileged eBPF

[…]

Spectre v2: Mitigation; Enhanced IBRS, IBPBconditional, RSB filling, PBRSB-eIBRS SW sequence


Does

 $ echo 1 | sudo tee /proc/sys/kernel/unprivileged_bpf_disabled

change this?

What does Debian's kconfig list for CONFIG_BPF_UNPRIV_DEFAULT_OFF?

Guix has it *unset* (which means default *on*) which means thatunprivileged_bpf_disabled is 0 (which means *enabled*) becauseLinux is a hot mess and nobody cares.


Kind regards,

T G-R

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Intel i7-1165G7 vulnerable to Spectre v2, Christian Gelinek, 2023/02/01
- Re: Intel i7-1165G7 vulnerable to Spectre v2, Felix Lechner, 2023/02/01
  - Re: Intel i7-1165G7 vulnerable to Spectre v2, Christian Gelinek, 2023/02/03
- Re: Intel i7-1165G7 vulnerable to Spectre v2, Tobias Geerinckx-Rice <=
  - Re: Intel i7-1165G7 vulnerable to Spectre v2, Ekaitz Zarraga, 2023/02/01
    - Disabling unprivileged BPF by default in our kernels, Tobias Geerinckx-Rice, 2023/02/01
    - Re: Disabling unprivileged BPF by default in our kernels, Leo Famulari, 2023/02/02
    - Re: Disabling unprivileged BPF by default in our kernels, Remco van 't Veer, 2023/02/02
    - Re: Disabling unprivileged BPF by default in our kernels, Tobias Geerinckx-Rice, 2023/02/02
  - Re: Intel i7-1165G7 vulnerable to Spectre v2, Christian Gelinek, 2023/02/03

Prev by Date: Re: Intel i7-1165G7 vulnerable to Spectre v2
Next by Date: Re: Intel i7-1165G7 vulnerable to Spectre v2
Previous by thread: Re: Intel i7-1165G7 vulnerable to Spectre v2
Next by thread: Re: Intel i7-1165G7 vulnerable to Spectre v2
Index(es):
- Date
- Thread