Ekaitz Zarraga 写道:
What does Debian's kconfig list for
CONFIG_BPF_UNPRIV_DEFAULT_OFF?
I've always had this option set to Y in my own kernels, and it has
never so much as inconvenienced me. However, I'm not a BPF power
user.
Does anyone know any serious and concrete drawbacks to setting
Hi,
> Does
>
> $ echo 1 | sudo tee /proc/sys/kernel/unprivileged_bpf_disabled
>
> change this?
>
> What does Debian's kconfig list for CONFIG_BPF_UNPRIV_DEFAULT_OFF?
>
> Guix has it unset (which means default on) which means that
> unprivileged_bpf_disabled is 0 (which means enabled) because
Christian Gelinek 写道:
Spectre v2: Vulnerable: eIBRS with unprivileged eBPF
[…]
Spectre v2: Mitigation; Enhanced IBRS, IBPB
conditional, RSB filling, PBRSB-eIBRS SW sequence
Does
$ echo 1 | sudo tee /proc/sys/kernel/unprivileged_bpf_disabled
change this?
What does Debian's kconfig list
Hi Christian,
On Wed, Feb 1, 2023 at 2:26 AM Christian Gelinek
wrote:
>
> On the same machine, I have run Debian 11 Live from a USB drive:
>
> Vulnerability Spectre v2:Mitigation; Enhanced IBRS, IBPB
> conditional, RSB filling, PBRSB-eIBRS SW sequence
Looks like the "Enhanced IBRS"
Hi Guix,
My CPU, an 11th Gen Intel(R) Core(TM) i7-1165G7, is reported to be
vulnerable by `lscpu`:
--8<---cut here---start->8---
Vulnerabilities:
Itlb multihit: Not affected
L1tf: Not affected
Mds: Not