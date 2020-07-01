Approaching the two year anniversary next month of the L1TF / Foreshadow vulnerability, a Google engineer has proposed allowing the default mitigation state to be controlled via a Kconfig build-time option. This speculative execution attack on Intel CPUs has been mitigated since August 2018 and has offered for KVM virtual machine mitigation the kvm-intel.vmentry_l1d_flush module parameter for controlling the L1 data cache flushing behavior. But now a Google engineer has proposed setting the default L1 data flushing mode to be configurable at build-time via a new KVM_VMENTRY_L1D_FLUSH knob. This knob doesn't provide any new L1 Terminal Fault mitigation but rather just allows adjusting the default behavior for the default configuration of that kernel image, whether it be to never flush the cache before a VMENTER, conditionally flush, or the most impactful state of always flushing.

Software security is the building of secure software with inherent defense so that it continues to function under malicious attacks, to the satisfaction of the users and owners of the software. This article explains the threats and solutions, from a general point of view. Standard vocabulary in information security is also explained. You should be computer and Internet literate to understand this article; you should also have studied a computer language, e.g., Perl, C, C++, PHP, etc. What is secured is information and software packages (applications and documents). Information is any message that is useful to anybody. “Information” is a vague word. The context in which it is used gives its meaning. It can mean news, lecture, tutorial (or lesson), or solution. A software package is usually a solution to some problem or related problems. In the past, all information not spoken was written on paper. Today, the software can be considered as a subset of information.

XDC 20 was set to take place this September in Poland but is now moving to an online event as a result of the ongoing coronavirus / COVID-19 pandemic. The X.Org Foundation has decided to make XDC 2020 a virtual conference due to uncertainty over the COVID-19 situation come September in Europe. This will be the first time the annual X.Org Developers' Conference has been an entirely online event. The announcement was made today as well as extending the call for presentations by an additional two weeks.

Mozilla: SpiderMonkey and Filter Treeherder Development SpiderMonkey Newsletter 5 (Firefox 78-79) SpiderMonkey is the JavaScript engine used in Mozilla Firefox. This newsletter gives an overview of the JavaScript and WebAssembly work we’ve done as part of the Firefox 78 and 79 Nightly release cycles. If you like these newsletters, you may also enjoy Yulia’s weekly Compiler Compiler live stream, a guided tour of what it is like to work on SpiderMonkey and improve spec compliance.

In Filter Treeherder jobs by test or manifest path I describe the feature. In Filter Treeherder jobs by test or manifest path I describe the feature. In this post I will explain how it came about. I want to highlight the process between a conversation and a deployed feature. Many times, it is an unseen part of the development process that can be useful for contributors and junior developers who are trying to grow as developers. Back in the Fall of 2019 I started inquiring into developers’ satisfaction with Treeherder. This is one of the reasons I used to go to the office once in a while. One of these casual face-to-face conversations led to this feature. Mike Conley explained to me how he would look through various logs to find a test path that had failed on another platform (see referenced post for further details). After I understood the idea, I tried to determine what options we had to implement it. I wrote a Google Doc with various alternative implementations and with information about what pieces were needed for a prototype. I requested feedback from various co-workers to help discover blind spots in my plans. Once I had some feedback from immediate co-workers, I made my idea available in a Google group (increasing the circle of people giving feedback). I described my intent to implement the idea and was curious to see if anyone else was already working on it or had better ideas on how to implement it. I did this to raise awareness in larger circles, reduce duplicate efforts and learn from prior work. I also filed a bug to drive further technical discussions and for interested parties to follow up on the work. Fortunately, around the same time Andrew Halberstadt started working on defining explicitly what manifests each task executes before the tasks are scheduled (see bug). This is a major component to make the whole feature on Treeherder functional. In some cases, talking enough about the need can enlist others from their domains of expertise to help with your project.

Filter Treeherder jobs by test or manifest path This feature is useful for developers and code sheriffs because it permits them to determine whether or not a test that fails in one platform configuration also fails in other ones. Previously, this was difficult because certain test suites are split into multiple tasks (aka “chunks”). In the screenshot below, you can see that the manifest path devtools/client/framework/browser-toolbox/test/browser.ini is executed in different chunks.