Jonathan Morton <chromati...@gmail.com> writes: > I'm not familiar with precisely what mitigations are now in use on > ARM. I am however certain that, on a device running only trustworthy > code (ie. not running a Web browser), mitigating Spectre is > unnecessary. If an attacker gets into a position to exploit it, he's > already compromised the device enough to run a botnet anyway.
Yup, especially on openwrt, where most daemons run as root anyway :) I would assume that something like the retpoline indirect function call protection is not actually enabled on openwrt; but since we were talking about performance regressions, that is certainly a major one... -Toke _______________________________________________ Cerowrt-devel mailing list Cerowrt-devel@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/cerowrt-devel
