Re: Spectre mitigation doesn't seem to work at all?!
From: Peter Zijlstra
Date: Mon Jun 04 2018 - 05:15:19 EST
On Mon, Jun 04, 2018 at 10:50:07AM +0200, Andreas Hartmann wrote:
> Ok, this means every program running on the machine has to care itself
> to be spectre v1 - safe.
Correct. Compiler and static analyser teams are looking hard at this to
help.
> A malicious program most probably won't care about that. Therefore, my
> next question is: which memory regions can be exploited by a malicious
> program? The complete physical memory or only the memory provided to the
> malicious program? Should be the latter if this approach should have any
> impact.
It affects the virtual memory of the target process.