HardenedBSD

mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-12-04 23:22:22 +01:00

History

Shawn Webb 838f91683a HBSD: Add userland plumbing for SpectreV1 mitigation Speculative Load Hardening[1] (SLH) is a mitigation technique to mitigate the SpectreV1 CPU microarchitectural bug, most commonly present in Intel CPUs. This commit introduces SLH, disabled by default, for userland. Only a single application is opted out at this time: /bin/sh. More research needed to enable SLH for /bin/sh. I have a backtrace with enough info to get me started on that. Some of the bootloader code in src/stand (the 32-bit bits) has SLH disabled. Further research needed to enable SLH for the kernel. [1]: http://releases.llvm.org/8.0.0/docs/SpeculativeLoadHardening.html Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org> github-issue: #374	2019-03-25 17:41:31 -04:00
..
Makefile	HBSD: Add userland plumbing for SpectreV1 mitigation	2019-03-25 17:41:31 -04:00
Makefile.depend

HBSD: Add userland plumbing for SpectreV1 mitigation

Speculative Load Hardening[1] (SLH) is a mitigation technique to
mitigate the SpectreV1 CPU microarchitectural bug, most commonly present
in Intel CPUs.

This commit introduces SLH, disabled by default, for userland. Only a
single application is opted out at this time: /bin/sh. More research
needed to enable SLH for /bin/sh. I have a backtrace with enough info to
get me started on that.

Some of the bootloader code in src/stand (the 32-bit bits) has SLH
disabled.

Further research needed to enable SLH for the kernel.

[1]: http://releases.llvm.org/8.0.0/docs/SpeculativeLoadHardening.html

Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
github-issue:	#374

2019-03-25 17:41:31 -04:00

Makefile

HBSD: Add userland plumbing for SpectreV1 mitigation

2019-03-25 17:41:31 -04:00

Makefile.depend