Re: RETBleed: WARNING: Spectre v2 mitigation leaves CPU vulnerable to RETBleed attacks, data leaks possible!

[Adam Borowski]

On Thu, Jul 14, 2022 at 11:01:12AM +0200, Greg Kroah-Hartman wrote:
> On Thu, Jul 14, 2022 at 02:15:07PM +0530, Naresh Kamboju wrote:
> > We are booting the i386 kernel on an x86 machine.
> > With Spectre V2 patches merged into Linux mainline we have been noticing
> > RETBleed: WARNING: Spectre v2 mitigation leaves CPU vulnerable to
> > RETBleed attacks, data leaks possible!
> 
> That's funny.  I don't think that's a valid combination that should be
> cared about, but I'll leave it to Pawan to comment if it is something
> that is "real" to be concerned for.

Alas, some people still run that because of not knowing any better.
Until not so long ago, they were proposed with two install media, "32-bit"
and "64-bit", but no explanation.  Upgrades keep working, crossgrades are
still only for the brave of the heart, and reinstalling might not appear
to have a reason compelling enough.  And for quite some tasks, halved word
size (thus ~2/3 memory usage) can overcome register starvation and win
benchmarks.

Thus I wonder: perhaps such combinations we consider to be invalid should
refuse to boot unless given a cmdline parameter?


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ What kind of a drug are "base" and "red pill"?  I think acid is
⢿⡄⠘⠷⠚⠋⠀ LSD, which would make base... ?  Judging from the behaviour of
⠈⠳⣄⠀⠀⠀⠀ those "based and redpilled", something nasty.