From: Adonay Felipe Nogueira <adfeno@hyperbola.info>
To: guix-devel@gnu.org
Subject: Re: Meltdown / Spectre
Date: Wed, 10 Jan 2018 09:49:54 -0200 [thread overview]
Message-ID: <87efmy9bml.fsf@hyperbola.info> (raw)
In-Reply-To: <87tvvukqct.fsf@gmail.com> (Chris Marusich's message of "Wed, 10 Jan 2018 01:36:18 -0800")
I don't know if this serves as guidance as to if microcode is functional
or not, but from [1] I quote:
#+BEGIN_QUOTE
However, there is an exception for secondary embedded processors. The
exception applies to software delivered inside auxiliary and low-level
processors and FPGAs, within which software installation is not intended
after the user obtains the product. This can include, for instance,
microcode inside a processor, firmware built into an I/O device, or the
gate pattern of an FPGA. The software in such secondary processors does
not count as product software.
#+END_QUOTE
My (perhaps uninformed) opinion is that it's functional data, but not
the sort of "functional" that every human would be allowed to modify
after it was first written.
[1] <https://www.fsf.org/resources/hw/endorsement/criteria>.
2018-01-10T01:36:18-0800 Chris Marusich wrote:
> According to the user named _4of7 in the #libreboot channel of the
> Freenode IRC network, the email list development@libreboot.org is down.
> So the Libreboot maintainers have probably not seen this email thread.
>
> According to _4of7, currently the best way to contact the Libreboot
> maintainers is IRC. It would probably be best to ask there. If you get
> a response, please don't forget to update us here on this thread!
>
> When I asked in #freenode today, _4of7 responded as follows:
>
> <_4of7> There's not much we can do from the Libreboot side, but there are
> <_4of7> mitigations on kernel side... since it's exploitable from javascript
> <_4of7> you could also e.g. not run JavaScript. specing on #libreboot IRC had
> <_4of7> the idea to run Firefox without the JIT enabled - we both tried to
> <_4of7> compile the latest ESR however, with --disable-ion, and it segfaulted.
> <_4of7> I tried to build ff 45esr instead, but that build failed.
>
> I'm not sure who _4of7 is, so I don't know if they speak for the
> Libreboot project.
>
>
> Does the GNU Project have a policy regarding this sort of thing? I
> wasn't able to find any articles on gnu.org that discuss it.
>
> If no such policy exists, then should this topic be discussed somewhere
> like gnu-system-discuss@gnu.org? I don't know where discussions like
> this normally take place within the GNU project. It's definitely a
> discussion worth having, though.
--
- https://libreplanet.org/wiki/User:Adfeno
- Palestrante e consultor sobre /software/ livre (não confundir com
gratis).
- "WhatsApp"? Ele não é livre. Por favor, veja formas de se comunicar
instantaneamente comigo no endereço abaixo.
- Contato: https://libreplanet.org/wiki/User:Adfeno#vCard
- Arquivos comuns aceitos (apenas sem DRM): Corel Draw, Microsoft
Office, MP3, MP4, WMA, WMV.
- Arquivos comuns aceitos e enviados: CSV, GNU Dia, GNU Emacs Org, GNU
GIMP, Inkscape SVG, JPG, LibreOffice (padrão ODF), OGG, OPUS, PDF
(apenas sem DRM), PNG, TXT, WEBM.
next prev parent reply other threads:[~2018-01-10 11:50 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-06 13:20 What do Meltdown and Spectre mean for libreboot x200 user? Alex Vong
2018-01-06 17:23 ` Mark H Weaver
2018-01-06 17:43 ` Meltdown / Spectre Leo Famulari
2018-01-06 20:15 ` Mark H Weaver
2018-01-07 6:38 ` Mark H Weaver
2018-01-07 21:29 ` Mark H Weaver
2018-01-09 21:39 ` Alex Vong
2018-01-10 4:59 ` Leo Famulari
2018-01-16 10:57 ` Ludovic Courtès
2018-01-19 22:06 ` Mark H Weaver
2018-01-20 0:17 ` Leo Famulari
2018-01-21 16:26 ` Mark H Weaver
2018-01-24 14:23 ` Ludovic Courtès
2018-01-24 16:19 ` Mark H Weaver
2018-01-26 22:05 ` Mark H Weaver
2018-01-27 16:12 ` Ludovic Courtès
2018-01-10 15:00 ` ng0
2018-01-08 10:30 ` Ludovic Courtès
2018-01-10 5:27 ` Leo Famulari
2018-01-07 2:44 ` Chris Marusich
2018-01-08 17:22 ` Katherine Cox-Buday
2018-01-08 18:26 ` Marius Bakke
2018-01-08 21:51 ` Tobias Geerinckx-Rice
2018-01-08 22:01 ` Tobias Geerinckx-Rice
2018-01-09 20:13 ` Katherine Cox-Buday
2018-01-09 21:18 ` Tobias Geerinckx-Rice
2018-01-10 5:26 ` Leo Famulari
2018-01-11 19:45 ` Katherine Cox-Buday
2018-01-11 21:49 ` Adonay Felipe Nogueira
2018-01-10 10:46 ` Tobias Platen
2018-01-10 17:20 ` Leo Famulari
2018-01-10 6:43 ` Christopher Lemmer Webber
2018-01-10 18:41 ` Kei Kebreau
2018-01-16 3:58 ` Chris Marusich
2018-01-17 19:20 ` Gábor Boskovits
2018-01-14 15:11 ` Alex Vong
2018-01-09 23:10 ` Mark H Weaver
2018-01-10 5:04 ` Leo Famulari
2018-01-16 11:10 ` Ludovic Courtès
2018-01-17 2:38 ` Mike Gerwitz
2018-01-17 14:11 ` Ludovic Courtès
2018-01-10 9:36 ` Chris Marusich
2018-01-10 11:49 ` Adonay Felipe Nogueira [this message]
2018-01-10 12:35 ` Tobias Platen
2018-01-10 14:04 ` Gábor Boskovits
2018-01-12 0:25 ` Marius Bakke
2018-01-15 8:07 ` Pjotr Prins
2018-01-16 3:08 ` Mike Gerwitz
2018-01-16 10:04 ` Pjotr Prins
2018-01-12 7:39 ` Chris Marusich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87efmy9bml.fsf@hyperbola.info \
--to=adfeno@hyperbola.info \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).