We at Igalia have been trying to provide a better story for 32-bit
platforms, in particular for Armv7 and MIPS. These platforms are very
important to us, and disabling JIT renders many use cases impossible. We
want to continue this effort to support these platforms. We have been
short on resources for that effort, which is why we did not realize
early enough that more mitigation was needed for 32-bit platforms. We
now have grown our team dedicated to this and we are hopeful that we
will avoid that kind of issue in the future.
We are working on a plan to mitigate Spectre on 32-bit platforms. We
would welcome community feedback on that, as well as what kinds of
mitigations would be considered sufficient.
Regarding your patch, I think you should note that some specific 32-bit
CPUs are immune to Spectre (at least the Raspberry Pi and some
MIPS devices); I think the deactivation should be done at run-time
for CPUs not on a white list.
Guillaume Emont and the Igalia compilers team
Quoting Keith Miller (2018-02-16 16:58:07)
> I recently created a patch to disable the 32-bit JITs by default.
> The last time this was discussed was before the discovery of Spectre. In the
> attempt to mitigate Spectre, nobody has proposed a mitigation plan for 32-bit
> WebKit. For example, pointer poisoning only works for 64-bit processors as
> they currently have a number of high bits that will never be set in a valid
> pointer. In 32-bit code the full address space is mappable so pointer
> poisoning is not guaranteed to be effective.
> Given the importance of developing mitigations for Spectre in a timely manner
> I think we should disable 32-bit JITs, in the near term, but more likely
webkit-dev mailing list
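The pointer-poisoning argument in the quoted message, as an added C example that is not code from WebKit or from either author: the x86-64 canonical-address rule (48-bit virtual addresses, bits 63..47 must agree) is real; the poison key and pointer values are constructed for illustration.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Mask of the low n bits (n in 1..64). */
static uint64_t low_bits(unsigned n) {
    return n >= 64 ? ~UINT64_C(0) : (UINT64_C(1) << n) - 1;
}

/* A virtual address is "canonical" (mappable at all) when every bit above
 * the implemented virtual-address width is a copy of the top implemented
 * bit.  x86-64 with a 48-bit VA: bits 63..47 must all agree.  For a 32-bit
 * process (ptr_bits == va_bits) there is no such bit, so every value passes. */
static bool is_canonical(uint64_t addr, unsigned ptr_bits, unsigned va_bits) {
    unsigned n = ptr_bits - va_bits + 1;            /* top bits that must agree */
    uint64_t top = (addr >> (va_bits - 1)) & low_bits(n);
    return top == 0 || top == low_bits(n);
}

/* Poisoning XORs a secret key into a pointer; only code that unpoisons
 * with the same key gets a usable address back. */
static uint64_t poison(uint64_t p, uint64_t key) { return p ^ key; }

/* True when XOR-ing `key` into ANY canonical pointer is guaranteed to yield
 * a non-canonical address, i.e. a stray dereference of a still-poisoned
 * pointer faults instead of reading memory.  The key must flip some but
 * not all of the "must agree" top bits; with a 32-bit pointer width that
 * group is a single bit, so no key can satisfy the condition. */
static bool key_guarantees_fault(unsigned ptr_bits, unsigned va_bits, uint64_t key) {
    unsigned n = ptr_bits - va_bits + 1;
    uint64_t top = (key >> (va_bits - 1)) & low_bits(n);
    return top != 0 && top != low_bits(n);
}

int main(void) {
    const uint64_t key64 = UINT64_C(0x0123400000000000);   /* constructed key */
    const uint64_t p64 = UINT64_C(0x00007f1234567000);     /* constructed user pointer */
    printf("64-bit/48-bit VA: key guarantees fault: %d\n",
           key_guarantees_fault(64, 48, key64));
    printf("  poisoned %#llx canonical? %d\n",
           (unsigned long long)poison(p64, key64), is_canonical(poison(p64, key64), 64, 48));
    printf("32-bit: key 0x80000000 guarantees fault: %d\n",
           key_guarantees_fault(32, 32, 0x80000000u));
    return 0;
}
```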