Are you referring to retpolines? Browsers and JS are *extremely* virtual call heavy. Perf impact must be carefully considered.
Are you all sure that process isolation is a foolproof solution? Different address spaces on same core share a cache…
-
-
See “same-CPU cross process” on https://github.com/marcan/speculation-bugs/blob/master/README.md … —
@marcan42 seems to agree that cross process is potentially vulnerable too… -
Yeah, the only complete solutions are full IBRS/IBPB (enabled in both the kernel and userspace) or using retpolines everywhere, AFAICT.
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.