Linus Torvalds writes: (Summary)
Yeah, I think everybody is a bit tired of - and burnt out by - these
patches, and they are subtler and somewhat more core than most are,
which makes the stakes a bit higher too, and the explanations can be a
bit more difficult.
bit more difficult.
I think everybody is entitled to being a bit snippy occasionally. Definitely not just maintainers.
Definitely not just maintainers.
So by all means, push right back.
So by all means, push right back.
Anyway, I do think the patches I've seen so far are ok, and the real reason I'm writing this email is actually more about future patches: do we have a good handle on where these array index sanitations will be needed?
be needed?
Also, while array limit checking was obviously the official "spectre-v1" issue, I do wonder if there are possible other issues where mispredicted conditional branches can end up leaking information?
information?
IOW, is there some work on tooling/analysis/similar?
bit more difficult.
I think everybody is entitled to being a bit snippy occasionally. Definitely not just maintainers.
Definitely not just maintainers.
So by all means, push right back.
So by all means, push right back.
Anyway, I do think the patches I've seen so far are ok, and the real reason I'm writing this email is actually more about future patches: do we have a good handle on where these array index sanitations will be needed?
be needed?
Also, while array limit checking was obviously the official "spectre-v1" issue, I do wonder if there are possible other issues where mispredicted conditional branches can end up leaking information?
information?
IOW, is there some work on tooling/analysis/similar?