Is there a good reason why I shouldn't pass "mitigations=off" to my kernel and get a two-digit percent performance win? Personal laptop, single user. Is there any remotely plausible attack scenario?
You think you can bypass site isolation with any of these vulns? (Okay, admittedly I'm using Firefox and I think it doesn't have site isolation yet.)
But as far as I'm aware, a) no such attacks have happened, and b) all the exploit code I've seen so far wasn't really working in the real world; it always had requirements like "please disable KASLR and run as root" or similar.
The JS engines have their own Spectre mitigations AFAIK, so native code execution (possibly inside the sandbox) would be a requirement.
Though the Chrome team recently released a paper arguing that software mitigations don't work: arxiv.org/abs/1902.05178.