That is specious reasoning at best. The jit option requires that you allow mixed instructions/data in memory, which leaves you open to a lot more than spectre. The problem is you've (Red Hat) sold people a bill of goods with java jit, the solution is for people to write proper code and corporations to not tolerate bad code that ignores everything that's been learned about security.
Besides, there's no reason to think, particularly given it's sloppy, sloppy coding that the jit option has fewer security holes in general. This is the same type of CRAP that has led to systemD (for Dumb Ass) and other bloat wear like gnome3. If i wanted bad security, unreliability, bloatware and the destruction of the illusion of "high speed data processing" i'd use winblows. seriously, can we try to keep these corporate schills the hell off the list? Yes, i hate red hat, google, chrome, and now firefox. It's not so much that we've produced a generation of bad coders who don't know better, the problem is no one cares about anything other than $$$ in america any more. I'm ashamed of my fellow "citizens". If you are going to blatently lie and obfuscate please do it on fox news! mad.scientist.at.large (a good madscientist) -- God bless the rich, the greedy and the corrupt politicians they have put into office. God bless them for helping me do the right thing by giving the rich my little pile of cash. After all, the rich know what to do with money. 13. Feb 2018 02:48 by michaelkintz...@gmail.com: > On Tuesday, 13 February 2018 02:18:33 GMT Nikos Chantziaras wrote: >> On 13/02/18 03:31, Ian Zimmerman wrote: >> > On 2018-02-13 03:13, Nikos Chantziaras wrote: >> >> Apparently, and contrary to what people (me included) wrote here in >> >> the past, BPF JIT is the secure option, and the interpreter is the >> >> insecure one. >> > >> > Do you have a reference for this? It sounds strange indeed. >> >> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i >> d=290af86629b25ffd1ed6232c4e9107da031705cb >> >> "The BPF interpreter has been used as part of the spectre 2 attack >> CVE-2017-5715. >> [...] >> To make attacker job harder introduce BPF_JIT_ALWAYS_ON config >> option that removes interpreter from the kernel in favor of JIT-only mode." > > Thanks for sharing this Nikos. > > Perhaps I'm reading the referenced post wrong. If the BPF interpreter has > been used for spectre2, then disabling CONFIG_BPF_SYSCALL does away with it > altogether, rather than turning it on and then setting BPF_JIT_ALWAYS_ON to > guard against its inherent vulnerability by using JIT-only mode? Is there > some overriding benefit of having BPF enabled at all in the first place? > > PS. I don't remotely assume I properly understand the BPF mechanism, I just > want to test my understanding above. > -- > Regards, > Mick
