Response to Meltdown and Spectre

Konstantin Belousov kostikbel at gmail.com
Tue Jan 16 15:54:24 UTC 2018


On Tue, Jan 16, 2018 at 07:31:43AM -0800, Gordon Tetlow wrote:
> On Tue, Jan 16, 2018 at 1:57 AM, Konstantin Belousov
> <kostikbel at gmail.com> wrote:
> > On Mon, Jan 15, 2018 at 09:20:24PM -0800, Gordon Tetlow wrote:
> >> On Sat, Jan 13, 2018 at 8:10 AM, Konstantin Belousov
> >> <kostikbel at gmail.com> wrote:
> >> > On Mon, Jan 08, 2018 at 09:57:51AM -0800, Gordon Tetlow wrote:
> >> >> Meltdown (CVE-2017-5754)
> >> >> ~~~~~~~~~~~~~~~~~~~~~~~~
> >> >> Initial work can be tracked at https://reviews.freebsd.org/D13797.
> >> >> Please note this is a work in progress and some stuff is likely to be
> >> >> broken.
> >> > I consider this patch as ready for review now.
> >>
> >> Awesome! So, what's next? Do we have some testers we can solicit to
> >> beat on this? I believe des@ had a test case to try out? Based on
> >> where we are, what needs to be done to get this into the tree?
> >> Secondarily, what's needed to get this in shape for 10.3/10.4/11.1?
> >
> > As expected, nothing happens WRT review.
> 
> Who is a good person to review this? alc? (I can't think of any other
> VM people out there).
amd64 pmap is only the smaller part of the patch; the trampoline code is IMO
both more risky and more complicated.

> 
> > Peter tested the patch, it seems to be fine. I put shims to allow i386
> > to compile. My idea is to flip the default to non-PTI and commit the
> > patch as is today.
> 
> Is there a reason to leave the PTI off in CURRENT? I'd rather turn it
> on and break some stuff to get the testing coverage than to leave it
> off.

Because there is a lot of whine about performance, including
uncertainty about several CPU families, because we still do not
have a test tool, and because there are some bits broken more than in
non-pti kernel.
