Episode Details
Back to Episodes
228: The Spectre of Meltdown
Published 8 years, 2 months ago
Description
We review the information about Spectre & Meltdown thus far, we look at NetBSD memory sanitizer progress, Postgres on ZFS & show you a bit about NomadBSD.
This episode was brought to you by
Headlines
Meltdown Spectre
- Official Site
- Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign
- Intel’s official response
- The Register mocks intels response with pithy annotations
- Intel’s Analysis PDF
- XKCD
- Response from FreeBSD
- FreeBSD's patch WIP
- Why Raspberry Pi isn’t vulnerable to Spectre or Meltdown
- Xen mitigation patches
- Overview of affected FreeBSD Platforms/Architectures
- Groff's response ##### We’ll cover OpenBSD, NetBSD, and DragonflyBSD’s responses in next weeks episode. *** ###The LLVM Memory Sanitizer support work in progress > In the past 31 days, I've managed to get the core functionality of MSan to work. This is an uninitialized memory usage detector. MSan is a special sanitizer because it requires knowledge of every entry to the basesystem library and every entry to the kernel through public interfaces. This is mandatory in order to mark memory regions as initialized. Most of the work has been done directly for MSan. However, part of the work helped generic features in compiler-rt.
- Sanitizers > Changes in the sanitizer are listed below in chronological order. Almost all of the changes mentioned here landed upstream. A few small patches were reverted due to breaking non-NetBSD hosts and are rescheduled for further investigation. I maintain these patches locally and have moved on for now to work on the remaining features.
- NetBSD syscall hooks > I wrote a large patch (815kb!) adding support for NetBSD syscall hooks for use with sanitizers.
- NetBSD ioctl(2) hooks > Similar to the syscall hooks, there is need to handle every ioctl(2) call. I've created the needed patch, this time shorter - for less than 300kb.
- New patches still pending for upstream review > There are two corrections that I've created, and they are still pending upstream for review:
- Add MSan interceptor for fstat(2)](
Listen Now
Love PodBriefly?
If you like Podbriefly.com, please consider donating to support the ongoing development.
Support Us