We continue to work on the 4.4 backport of UDEREF, completely replacing KAISER and making us unaffected by any future issues discovered in the upstream backported code. A customer-only knowledge base has been launched at https://grsecurity.net/docs/ with the latest info #grsecurity
-
-
Replying to @grsecurity
Not affected by upstream bugs, but still by
#Meltdown https://marc.info/?l=linux-kernel&m=151690032023343&w=2 …2 replies 0 retweets 0 likes -
Replying to @joergroedel @grsecurity
i backported our UDEREF/amd64 solution to 4.4 since it's a natural fit for address space separation (have had the logic for other purposes since 2009 or so). as for i386, how do you know if the segmentation based approach fails on CPUs that aren't 64 bit capable?
1 reply 0 retweets 0 likes -
Replying to @paxteam @grsecurity
Doesn't matter. There are people running 32-bit kernels on 64-bit capable hardware too.
2 replies 0 retweets 0 likes
and of course if they're now supposed to swallow the perf impact of KAISER/PTI, they can just switch to a 64 bit kernel and call it a day. whatever way i look at it, we're covered, unlike upstream. really a shame for you guys having spent so much time and still come up short...
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.