We're hiring!
*

Linux isn't immune

Gustavo Padovan avatar

Gustavo Padovan
March 14, 2018

Share this post:

The recent disclosure of Meltdown and Spectre hardware vulnerabilities were unprecedented in the history of computing. They affect a substantial portion of chips powering most of the infrastructure used by our society today.

While software vulnerabilities can be easily repaired with an update, it is a completely different story when it comes to hardware, and the Linux Kernel community had a hard time dealing with them.

The mitigation for Meltdown came in the form of a fundamental change of the kernel memory management through the kernel page-table isolation (KPTI) patch set merged in 4.15-rc6, which isolates the kernel page table from the userspace page table.

Spectre, on the other hand, is much harder to fix, and while initial mitigation exists, more elegant and efficient solutions are yet to be developed. As its name says, Spectre may still haunt us for quite some time.

These issues may be just the first of their kind but they are already causing all of us to be exposed. Too many service providers and product companies have failed and will continue to fail at patching their kernels.

Shifting all industries and sectors toward following the mainline Linux kernel closely is more crucial than ever.

(Originally published in Linux Format magazine, Issue 234, January 2018)

Comments (0)


Add a Comment






Allowed tags: <b><i><br>Add a new comment:


Search the newsroom

Latest Blog Posts

Adding VP9 and MPEG2 stateless support in v4l2codecs for GStreamer

23/06/2021

Earlier this year, from January to April 2021, I worked on adding support for stateless decoders for GStreamer as part of a multimedia internship…

Bag of Freebies for XR Hand Tracking: Machine Learning & OpenXR

17/06/2021

In our previous post, we presented a project backed by INVEST-AI which introduces a multi-stage neural network-based solution. Now let's…

Testing cameras with lc-compliance on KernelCI

15/06/2021

Initiated as a joint effort by the Google Chrome OS team and Collabora, the recent KernelCI hackfest brought the addition of new tests including…

Zink: Summer 2021 update

14/06/2021

There's a lot that has happened in the world of Zink since my last update, so let's see if I can bring you up to date on the most important…

Open Source OpenGL ES 3.1 on Mali GPUs with Panfrost

11/06/2021

Panfrost, the open source driver for Arm Mali, now supports OpenGL ES 3.1 on both Midgard (Mali T760 and newer) and Bifrost (Mali G31, G52,…

Optimizing 3D performance with virglrenderer

17/05/2021

Collabora has been investing into Perfetto to enable driver authors & users to get deep insights into driver internals and GPU performance.…

Open Since 2005 logo

We use cookies on this website to ensure that you get the best experience. By continuing to use this website you are consenting to the use of these cookies. To find out more please follow this link.

Collabora Ltd © 2005-2021. All rights reserved. Privacy Notice. Sitemap.

Collabora Limited is registered in England and Wales. Company Registration number: 5513718. Registered office: The Platinum Building, St John's Innovation Park, Cambridge, CB4 0DS, United Kingdom. VAT number: 874 1630 19.