From owner-freebsd-questions@freebsd.org Tue Jul 24 15:53:47 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B0266104F429 for ; Tue, 24 Jul 2018 15:53:47 +0000 (UTC) (envelope-from vrwmiller@gmail.com) Received: from mail-ua0-x231.google.com (mail-ua0-x231.google.com [IPv6:2607:f8b0:400c:c08::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4A289744D6 for ; Tue, 24 Jul 2018 15:53:47 +0000 (UTC) (envelope-from vrwmiller@gmail.com) Received: by mail-ua0-x231.google.com with SMTP id r10-v6so3080254uao.1 for ; Tue, 24 Jul 2018 08:53:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=ffDLRDm286C/anVGK+mPU+OrSzFjlztbWqwLIx9kTxs=; b=VNnocvSl0LFXRpW1T5J2II4GbW3Z9tBR0XZCUDcLLA30lZfGPTJ4tkdkWYZ6jM0VTW 4QVnl4KJlkPZOYC80j6uDc8tD0VQxNP9EWn0ChT0pe7acHnPdubZHvjkGn4SL2TBVQxz lKEDZRkJrCXzIeOfRVxxd2vaSz/P+65ZY18n8Pd7EV/Nt8D6HipGDnWX82KsjVbICo++ 0ODwxn94fSnkkIEm5UHuGx8NpX12sumGwgdvpcTQZ2+VCkqCrF/XSxlfLJxhqFK3IYDA EFN136QDHgyX9akh0b3CLMSx47ZCqcAdVFPMiYV8IvsA6zRfCBNqzZKtQwV1zMDBd3BW eOZg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=ffDLRDm286C/anVGK+mPU+OrSzFjlztbWqwLIx9kTxs=; b=nvEvfj7hQJfjA2ybu2qshRRbuSM61LlqK4mNzYxF9pWZZgE7k1xjd1TLk9HuvQwsAN MG/ou5zSDvz7DDLLkaIcRQjmL+zdhlmELJbHYCV3Af2EhB60/Ay+sI4L8uqEcZ7mRHB+ 1yOn9byPZqDKzFTmU0egQ3J/pRlzXIy+L8nszuNJxnq170LlVDl3V4HY2Wq9zCeI2xff UlcfzdFkRUwk3+JlxGJBNkfMSFIHpzU7fP9a88V2/RPiv4l9waPgcBtHMtl7AG3pAWg7 jQKpGFXu13bFqy6FEFYA9tm+hIYXo8dUrAVMHUK38HsRZoZ1d75sJ4lw1MxDnpCYuehS gANA== X-Gm-Message-State: AOUpUlEfx3FRvOv8bE6QhMWrY6b4cIWtQ72eDsEOc2/hRlWpagz27Bve UE+Ma0ZA60eC8gSeuZcoUOa9OVwuNaY3rLSNAif2IX9J X-Google-Smtp-Source: AAOMgpfR31y3o9VCtCL1TK5I9sTlSR2diRl4DVWMeJzR+sCnpOiUu7TBRACANaUJlXTaXCAZfNli/G5M5ZH7CfSoEdU= X-Received: by 2002:ab0:4505:: with SMTP id r5-v6mr12271342uar.77.1532447626340; Tue, 24 Jul 2018 08:53:46 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a9f:2964:0:0:0:0:0 with HTTP; Tue, 24 Jul 2018 08:53:45 -0700 (PDT) From: Rick Miller Date: Tue, 24 Jul 2018 11:53:45 -0400 Message-ID: Subject: FreeBSD, LLVM, and Spectre-v1 To: FreeBSD Questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.27 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jul 2018 15:53:47 -0000 Hi all, The "Speculative Load Hardening" design[1] proposed to mitigate Spectre-v1 through a compiler-based approach in LLVM describes a limitation of this approach to the problem as it "requires re-compiling source code to insert hardening instruction sequences. Only software compiled in this mode is protected". In the context of FreeBSD, does this also apply to userland and Ports? The above point seems to imply Ports or other software not built with this toolchain will remain vulnerable. Or perhaps, by virtue of of the OS being built using an updated compiler, will userland and Ports inherently be protected? [1] https://docs.google.com/document/d/1wwcfv3UV9ZnZVcGiGuoITT_61e_Ko3TmoCS3uXLcJR0 -- Take care Rick Miller