VMware – Patch, If You Need Better ‘Meltdown/Spectre’ Protection..

Thanks – again – to Michal Kubeček, who  has pointed out that there is still a vulnerability in some VMware (vmmon) code, that is not mitigated by Kernel/Compiler retpoline fixes, as it is written in assembler..   ( See comment on … Continue reading

Kernel – GCC and ‘Retpoline’..

The recent summary of Kernel 4.15 mentioned the test for ‘compliant’ versions of GCC which fully support the retpoline mitigation, but only gave an example of non-compliance: With GCC 7.2: ~]$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2  Vulnerable: Minimal generic ASM retpoline I re-created … Continue reading