Overview
Explore the challenges and strategies for effectively testing transient execution mitigations in a 30-minute Linux Foundation conference talk. Delve into the ongoing battle between security and performance in the wake of vulnerabilities like Spectre and Meltdown. Examine various testing methods, their pros and cons, and current community practices. Gain insights into the complexities of mitigation testing, including the difficulties in creating universally functional tests for microarchitectural exploits. Learn about the distribution of fixes, vulnerability reporting processes, and potential risks. Discover how to assess your system's safety and consider future improvements in testing methodologies. Acquire valuable resources and explore potential changes to enhance transient execution mitigation testing.
Syllabus
Introduction
About Russell
Background
Transient Execution
Transient Execution Example
Spectre Meltdown
How fixes get distributed
How vulnerabilities are discovered reported
What can go wrong
How do you know youre safe
What happens next
TrustMeBro
Resources
How Could We Change
Taught by
Linux Foundation