• [$] Injecting speculation barriers into BPF programs

    From LWN.net@86:200/23 to All on Tue May 6 06:40:08 2025
    The disclosure of the Spectre class of hardware vulnerabilities created
    a lot of pain for kernel developers (and many others). That pain was
    especially acutely felt in the BPF community. While an attacker might
    have to painfully search the kernel code base for exploitable code, an
    attacker using BPF can simply write and load their own speculation
    gadgets, which is a much more efficient way of operating. The BPF
    community reacted by, among other things, disallowing the loading of
    programs that may include speculation gadgets. Luis Gerhorst would like
    to change that situation with this patch series that takes a more direct
    approach to the problem.

    https://lwn.net/Articles/1018494/
    --- SBBSecho 3.24-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)