Date:      Tue, 16 Jan 2018 17:54:10 +0200
From:      Konstantin Belousov <kostikbel@gmail.com>
To:        Gordon Tetlow <gordon@tetlows.org>
Cc:        freebsd-security <freebsd-security@freebsd.org>
Subject:   Re: Response to Meltdown and Spectre
Message-ID:  <20180116155410.GC55707@kib.kiev.ua>
In-Reply-To: <CAKghNw20ewR6X0Fhk1mQfz=LfDRzY3tfGwMdNb=gnrWP_wXZAw@mail.gmail.com>
References:  <20180108175751.GH9701@gmail.com> <20180113161026.GR1684@kib.kiev.ua> <CAKghNw0Bnqmb7U8f_94-tLVcvqL26EuUZMtj393uo9eudwgbNQ@mail.gmail.com> <20180116095730.GP1684@kib.kiev.ua> <CAKghNw20ewR6X0Fhk1mQfz=LfDRzY3tfGwMdNb=gnrWP_wXZAw@mail.gmail.com>

On Tue, Jan 16, 2018 at 07:31:43AM -0800, Gordon Tetlow wrote:
> On Tue, Jan 16, 2018 at 1:57 AM, Konstantin Belousov
> <kostikbel@gmail.com> wrote:
> > On Mon, Jan 15, 2018 at 09:20:24PM -0800, Gordon Tetlow wrote:
> >> On Sat, Jan 13, 2018 at 8:10 AM, Konstantin Belousov
> >> <kostikbel@gmail.com> wrote:
> >> > On Mon, Jan 08, 2018 at 09:57:51AM -0800, Gordon Tetlow wrote:
> >> >> Meltdown (CVE-2017-5754)
> >> >> ~~~~~~~~~~~~~~~~~~~~~~~~
> >> >> Initial work can be tracked at https://reviews.freebsd.org/D13797.
> >> >> Please note this is a work in progress and some stuff is likely to be
> >> >> broken.
> >> > I consider this patch as ready for review now.
> >>
> >> Awesome! So, what's next? Do we have some testers we can solicit to
> >> beat on this? I believe des@ had a test case to try out? Based on
> >> where we are, what needs to be done to get this into the tree?
> >> Secondarily, what's needed to get this in shape for 10.3/10.4/11.1?
> >
> > As expected, nothing happens WRT review.
> 
> Who is a good person to review this? alc? (I can't think of any other
> VM people out there).
The amd64 pmap is only the smaller part of the patch; the trampoline code is IMO
both more risky and more complicated.

> 
> > Peter tested the patch, it seems to be fine. I put shims to allow i386
> > to compile. My idea is to flip the default to non-PTI and commit the
> > patch as is today.
> 
> Is there a reason to leave the PTI off in CURRENT? I'd rather turn it
> on and break some stuff to get the testing coverage than to leave it
> off.

Because there is a lot of whine about performance, including
uncertainty about several CPU families, because we still do not
have a test tool, and because there are some bits broken more than in
non-pti kernel.


