Is the Raspberry Pi 4 vulnerable to the Spectre exploits?

Question

Now the new Raspberry 4 has moved to ARM A72 cores, it's vulnerable to the spectre issues according to ARM.

Processor   Variant 1 Variant 2 Variant 3 Variant 3a Variant 4
Cortex-A72   Yes        Yes**    No**      Yes**    Yes

But this gives no output:

ls -1A /sys/devices/system/cpu/vulnerabilities
cat /sys/devices/system/cpu/vulnerabilities/*

'/sys/devices/system/cpu/vulnerabilities/*': No such file or directory

I do wonder if hardware or software mitigations are in place?

Janghou · Answer 1 · 2019-07-01T18:53:50.537

The Raspberry Pi 4 is using ARM A72, and those ARM A72 Cores have Speculative Processor Vulnerabilities.

ARM recommends mitigation mechanisms.

The Raspberry Pi 4 has those mitigations enabled in the Raspbian Kernel.

How to check:

sudo modprobe configs
zcat /proc/config.gz | grep SPECTRE

CONFIG_CPU_SPECTRE=y

Therefor it is safe to say that an updated Raspberry Pi 4 is not vulnerable for (any known) Spectre Exploits.

But it is still vulnerable for Spectre issues. Mitigations are mitigations, not fixes.

Is the Raspberry Pi 4 vulnerable to the Spectre exploits?

1 Answers1

Linked