GRSecurity releases Respectre (for Spectre)

[…]Respectre(TM) is a nod to the Spectre speculation attack and signifies that it (re)veals potential Spectre vulnerabilities, (re)spects the original intent of the code, and automatically (re)factors it via a compiler plugin to eliminate speculation-based side channels. All plugin-capable versions of the compiler commonly used to compile Linux are supported, and the plugin itself is architecture-independent. The initial release to grsecurity(R) customers focusing on Spectre v1 supports the ARMv7, AArch64, PPC64, x86, and x86_64 architectures. Special care was taken in designing the plugin to ensure both low impact to compilation time as well as negligible impact to runtime performance (measured as 0.3% in a kernel-focused stress test). The plugin incorporates advanced static analysis far beyond the level of any existing tools for any OS, and is the 4th largest plugin of the 14 available in the grsecurity(R) kernel patches. Work is already underway to enhance the static analysis of the plugin even further and add coverage for other similar Spectre types.[…]

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s