From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <chromatix99@gmail.com>
Received: from mail-lj1-x234.google.com (mail-lj1-x234.google.com
 [IPv6:2a00:1450:4864:20::234])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by lists.bufferbloat.net (Postfix) with ESMTPS id 409CE3B2A4;
 Wed,  3 Oct 2018 14:32:27 -0400 (EDT)
Received: by mail-lj1-x234.google.com with SMTP id 203-v6so6014106ljj.13;
 Wed, 03 Oct 2018 11:32:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:subject:from:in-reply-to:date:cc
 :content-transfer-encoding:message-id:references:to;
 bh=a8WLcLA+FKciSLFjkTMK9YgrAj75epQ1OeDBF33McnU=;
 b=gO4PRB9A56IAcCxKI+MQCeUOaj+PM4Lpn9GNlDYcbwQmFrVYPHdyvBI8BP/l/NnHQW
 b0rcXCq2acnrsygFhIavHZaoKhiWgqwtVI4rVLOEikA7TiqcP6pW9oOwMw5/pV4cU/FG
 BfGMYcZdBgJF0BMd4gpvDcfxZS/G2SejCAlXGMq04M/Wse9XEfrtyUcXDeIWXkPDrdkz
 CE6O0a28yeUDW45KLnRI8tq2ue9tHGmP0diRfqRCAevMtFbOyjAURJZoT4v/dxaRULwr
 xBrgLVrGL6/jjGb2DC4izUzNKD1Ba3/qLBDWOTAlZClEiJSw74MrqpIL9lqyMHz74EeC
 ljXw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
 :content-transfer-encoding:message-id:references:to;
 bh=a8WLcLA+FKciSLFjkTMK9YgrAj75epQ1OeDBF33McnU=;
 b=T2aoc9bV84bKd1WU2Zz4EqoD3wf5H7L7iAW0AZrXzBcz8hXc5vcWXbPVP1U/b7e/7x
 8Y7ri+NuSUXUofwB98zP3TEwvMg0WVfri/MNVoZuoMQSB4uNuJ/m+91n6T/ugrRDg6/f
 Epjx9AeECcWhf862U7oh2Hyk6/Gqam/O9dHEjwYa04YfTmRIOnVxJIbTlhiQJFX5BARi
 P830xjEW2ipqUa6Qrnj/bUxAMfvi1rt3kz29C8BvwIWy3mOLJlCSrkaQ8idUVhyikbZm
 OdPtbrHlH2kQEp3FTCDrS1wyeviEIMEpKe93qV/qAYPRlIGGSUWqSQq3VhkyqPvrszAk
 ABiQ==
X-Gm-Message-State: ABuFfoglX1ysM4VBn2giLmQnqRp8CSEZEVJtnVv7/KqgAEWxStujHJeQ
 mDq89fGrgQZ2PtwddqXNzoI=
X-Google-Smtp-Source: ACcGV62idhbp+pta+t5rKEy1othicgiTGCJ2PkS6BDOQ7ulH0B4wQIxX4IcCGNjvHnxE5qL/cvY2yA==
X-Received: by 2002:a2e:6805:: with SMTP id c5-v6mr2023675lja.41.1538591546004; 
 Wed, 03 Oct 2018 11:32:26 -0700 (PDT)
Received: from jonathartonsmbp.lan (83-245-238-10-nat-p.elisa-mobile.fi.
 [83.245.238.10])
 by smtp.gmail.com with ESMTPSA id p21-v6sm472916lfc.5.2018.10.03.11.32.24
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 03 Oct 2018 11:32:25 -0700 (PDT)
Content-Type: text/plain;
	charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Jonathan Morton <chromatix99@gmail.com>
In-Reply-To: <87va6j9b97.fsf@toke.dk>
Date: Wed, 3 Oct 2018 21:32:23 +0300
Cc: Dave Taht <dave.taht@gmail.com>, Mikael Abrahamsson <swmike@swm.pp.se>,
 Cake List <cake@lists.bufferbloat.net>, cerowrt-devel@lists.bufferbloat.net
Content-Transfer-Encoding: quoted-printable
Message-Id: <7DF1B2AE-37DD-4C08-A3A0-2890FAD0CE27@gmail.com>
References: <CAA93jw4oaNeZMF7dqwnM2cSC7HaeV=p-mP_y3jEA5Ao04JXgJQ@mail.gmail.com>
 <CAA93jw4e=1_ke22GGEOm2sHWKxa6ctnj5gt984GKWT7UoGNC+w@mail.gmail.com>
 <CAA93jw6m6PFjgqH6WLN4zkD9Ct_Q5sxnT4HK8d+SGasfOtt0=Q@mail.gmail.com>
 <1D2079D5-3BA8-4968-AD5A-990AFA3A7698@heistp.net>
 <CAA93jw7v_PTzBnKWhh=c8RvTfeT58UAZc54kZSbgYN2PtxTM5g@mail.gmail.com>
 <alpine.DEB.2.20.1810031555300.4550@uplift.swm.pp.se>
 <CAA93jw7nGhSOsrZr5PuoReqQkVuB4JsjyOvQhimHOopWw0UmPg@mail.gmail.com>
 <alpine.DEB.2.20.1810031728090.4550@uplift.swm.pp.se>
 <CAA93jw6iSVfX8F=DV-rq6OTGNzGjB7FRjtgh+2DL_P4yAg4Asg@mail.gmail.com>
 <87va6j9b97.fsf@toke.dk>
To: =?utf-8?Q?Toke_H=C3=B8iland-J=C3=B8rgensen?= <toke@toke.dk>
X-Mailer: Apple Mail (2.3445.9.1)
Subject: Re: [Cerowrt-devel] [Cake] apu2 sqm/htb issue + a minor win for
 speeding up fq_codel itself
X-BeenThere: cerowrt-devel@lists.bufferbloat.net
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Development issues regarding the cerowrt test router project
 <cerowrt-devel.lists.bufferbloat.net>
List-Unsubscribe: <https://lists.bufferbloat.net/options/cerowrt-devel>,
 <mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=unsubscribe>
List-Archive: <https://lists.bufferbloat.net/pipermail/cerowrt-devel>
List-Post: <mailto:cerowrt-devel@lists.bufferbloat.net>
List-Help: <mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=help>
List-Subscribe: <https://lists.bufferbloat.net/listinfo/cerowrt-devel>,
 <mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=subscribe>
X-List-Received-Date: Wed, 03 Oct 2018 18:32:27 -0000

> On 3 Oct, 2018, at 8:43 pm, Toke H=C3=B8iland-J=C3=B8rgensen =
<toke@toke.dk> wrote:
>=20
> I don't suppose 18.06 enables any of the SPECTRE mitigations (was that
> an issue on ARM)?

That depends on the ARM core involved.  Most of them in CPE devices (eg. =
Cortex-A5/7/53) have in-order execution engines, so should be immune - =
but it's not inconceivable that some of the mitigations are enabled =
regardless.

The WRT1200AC uses the Marvell 88F6820 which has a pair of Cortex-A9 =
cores.  These are mildly out-of-order engines which would be at least =
theoretically vulnerable to Spectre v1, but that is not a kernel-level =
exploit.  According to =
https://www.techarp.com/guides/complete-meltdown-spectre-cpu-list/4/#arm =
the Cortex-A9 is also vulnerable to Spectre v2 which is the =
branch-predictor poisoning attack, for which kernel-level mitigations =
may be appropriate.  It is however immune to Meltdown.

I'm not familiar with precisely what mitigations are now in use on ARM.  =
I am however certain that, on a device running only trustworthy code =
(ie. not running a Web browser), mitigating Spectre is unnecessary.  If =
an attacker gets into a position to exploit it, he's already compromised =
the device enough to run a botnet anyway.

 - Jonathan Morton