Linux Kernel Continues To Offer Mitigation for Spectre Mitigation

Feb 06, 2019

Kernel 4.19 has added another family of Spectre vulnerabilities to its list of mitigating the mitigation.

Usually, you want to mitigate all possible vulnerabilities unless we are talking about Meltdown and Spectre which are a class or family of dozens of vulnerabilities. But what sysadmins hate more than these vulnerabilities are mitigations offered to these vulnerabilities. Some of these mitigations have a massive impact on performance, while not offering any significant protection.

Gauging the pros and cons, sysadmins have gone as far as asking the Linux kernel community to give them an option to disable these mitigations. The Linux kernel community always listens.

Linux Kernel 4.15 added the ability for sysadmins to disable the kernel's built-in mitigations for the Spectre v2 vulnerability, then Linux Kernel 4.17 offered the option to disable all mitigations for Spectre v4 and now Linux Kernel 4.19 allows admins to disable mitigations for Spectre v1.

You may or may not trust NSA, but they have a very decent guide on GitHub to help keep up with all Spectre related vulnerabilities.

Related content

  • Linus Torvalds Rips Intel for Meltdown and Spectre Flaws

    Torvalds is not happy with the way Intel handled these two vulnerabilities.

  • Linux 5.0 Is Here

    Linus says don't get excited, but the new release contains some significant updates.

  • Meltdown and Spectre

    The blatant security holes known as Meltdown and Spectre, which are built into the computer hardware, are likely to keep us busy for the next few years. How is the Linux community addressing this unexpected challenge?

  • News

    Dell kickstarts 2018 with a brand new Linux laptop, Linus Torvalds rips Intel for meltdown and Spectre flaws, LibreOffice-based CODE 3.0 released, Google announces Kubeflow to bring Kubernetes to machine learning, and a critical flaw in phpMyAdmin. 

  • Kernel News

    Zack Brown reports on taking a header and the next Spectre vulnerability.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More