Date: Tue, 16 Jan 2018 17:54:10 +0200 From: Konstantin Belousov <kostikbel@gmail.com> To: Gordon Tetlow <gordon@tetlows.org> Cc: freebsd-security <freebsd-security@freebsd.org> Subject: Re: Response to Meltdown and Spectre Message-ID: <20180116155410.GC55707@kib.kiev.ua> In-Reply-To: <CAKghNw20ewR6X0Fhk1mQfz=LfDRzY3tfGwMdNb=gnrWP_wXZAw@mail.gmail.com> References: <20180108175751.GH9701@gmail.com> <20180113161026.GR1684@kib.kiev.ua> <CAKghNw0Bnqmb7U8f_94-tLVcvqL26EuUZMtj393uo9eudwgbNQ@mail.gmail.com> <20180116095730.GP1684@kib.kiev.ua> <CAKghNw20ewR6X0Fhk1mQfz=LfDRzY3tfGwMdNb=gnrWP_wXZAw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 16, 2018 at 07:31:43AM -0800, Gordon Tetlow wrote: > On Tue, Jan 16, 2018 at 1:57 AM, Konstantin Belousov > <kostikbel@gmail.com> wrote: > > On Mon, Jan 15, 2018 at 09:20:24PM -0800, Gordon Tetlow wrote: > >> On Sat, Jan 13, 2018 at 8:10 AM, Konstantin Belousov > >> <kostikbel@gmail.com> wrote: > >> > On Mon, Jan 08, 2018 at 09:57:51AM -0800, Gordon Tetlow wrote: > >> >> Meltdown (CVE-2017-5754) > >> >> ~~~~~~~~~~~~~~~~~~~~~~~~ > >> >> Initial work can be tracked at https://reviews.freebsd.org/D13797. > >> >> Please note this is a work in progress and some stuff is likely to be > >> >> broken. > >> > I consider this patch as ready for review now. > >> > >> Awesome! So, what's next? Do we have some testers we can solicit to > >> beat on this? I believe des@ had a test case to try out? Based on > >> where we are, what needs to be done to get this into the tree? > >> Secondarily, what's needed to get this in shape for 10.3/10.4/11.1? > > > > As expected, nothing happens WRT review. > > Who is a good person to review this? alc? (I can't think of any other > VM people out there). amd64 pmap is only smaller part of the patch, the trampoline code is IMO both more risky and more complicated. > > > Peter tested the patch, it seems to be fine. I put shims to allow i386 > > to compile. My idea is to flip the default to non-PTI and commit the > > patch as is today. > > Is there a reason to leave the PTI off in CURRENT? I'd rather turn it > on and break some stuff to get the testing coverage than to leave it > off. Because there is a lot of whine about performance, including uncertainity about several CPU families, because we still do not have have a test tool, and because there are some bits broken more than in non-pti kernel.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180116155410.GC55707>