[Cerowrt-devel] [Cake] apu2 sqm/htb issue + a minor win for speeding up fq_codel itself
chromatix99 at gmail.com
Wed Oct 3 14:32:23 EDT 2018
> On 3 Oct, 2018, at 8:43 pm, Toke Høiland-Jørgensen <toke at toke.dk> wrote:
> I don't suppose 18.06 enables any of the SPECTRE mitigations (was that
> an issue on ARM)?
That depends on the ARM core involved. Most of them in CPE devices (eg. Cortex-A5/7/53) have in-order execution engines, so should be immune - but it's not inconceivable that some of the mitigations are enabled regardless.
The WRT1200AC uses the Marvell 88F6820 which has a pair of Cortex-A9 cores. These are mildly out-of-order engines which would be at least theoretically vulnerable to Spectre v1, but that is not a kernel-level exploit. According to https://www.techarp.com/guides/complete-meltdown-spectre-cpu-list/4/#arm the Cortex-A9 is also vulnerable to Spectre v2 which is the branch-predictor poisoning attack, for which kernel-level mitigations may be appropriate. It is however immune to Meltdown.
I'm not familiar with precisely what mitigations are now in use on ARM. I am however certain that, on a device running only trustworthy code (ie. not running a Web browser), mitigating Spectre is unnecessary. If an attacker gets into a position to exploit it, he's already compromised the device enough to run a botnet anyway.
- Jonathan Morton
More information about the Cerowrt-devel