We're hiring!
*

Linux isn't immune

Gustavo Padovan avatar

Gustavo Padovan
March 14, 2018

Share this post:

The recent disclosure of Meltdown and Spectre hardware vulnerabilities were unprecedented in the history of computing. They affect a substantial portion of chips powering most of the infrastructure used by our society today.

While software vulnerabilities can be easily repaired with an update, it is a completely different story when it comes to hardware, and the Linux Kernel community had a hard time dealing with them.

The mitigation for Meltdown came in the form of a fundamental change of the kernel memory management through the kernel page-table isolation (KPTI) patch set merged in 4.15-rc6, which isolates the kernel page table from the userspace page table.

Spectre, on the other hand, is much harder to fix, and while initial mitigation exists, more elegant and efficient solutions are yet to be developed. As its name says, Spectre may still haunt us for quite some time.

These issues may be just the first of their kind but they are already causing all of us to be exposed. Too many service providers and product companies have failed and will continue to fail at patching their kernels.

Shifting all industries and sectors toward following the mainline Linux kernel closely is more crucial than ever.

(Originally published in Linux Format magazine, Issue 234, January 2018)

Comments (0)


Add a Comment






Allowed tags: <b><i><br>Add a new comment:


Search the newsroom

Latest Blog Posts

Experimental Panfrost GLES 3.0 support has landed in Mesa

27/02/2020

Panfrost's ES 3.0 support has landed in upstream Mesa and works with a mainline Linux kernel. The support is still early, but if you're…

Using gcc sanitisers to get a nasty bug fixed

18/02/2020

When a bug surprises you when doing Apertis packaging of a typical vendor code signing tool, it's time to debug it using the compiler's…

FOSDEM 2020 - Recorded presentations (videos)

05/02/2020

From KernelCI's new home, the latest on Zink (OpenGL on Vulkan), OpenXR & Monado, PipeWire in the automotive industry, JPEG2000, and GStreamer…

Opening up Mali T720

20/12/2019

If you have a device with a Mali T720 or T820 GPU, you’re in luck – your device is now supported in upstream Mesa at feature parity with…

New graphing tool for PipeWire debugging

09/12/2019

PipeWire, the new and emerging open source framework that aims to greatly improve the exchange and management of audio and video streams…

Building GStreamer on Windows

26/11/2019

With the advent of meson and gst-build, it is now possible to set up a GStreamer Windows development environment that rivals the finest…

Open Since 2005 logo

We use cookies on this website to ensure that you get the best experience. By continuing to use this website you are consenting to the use of these cookies. To find out more please follow this link.

Collabora Ltd © 2005-2020. All rights reserved. Website sitemap.