Date: Fri, 26 Mar 2021 19:46:33 +0100 From: Dimitry Andric <dim@FreeBSD.org> To: tech-lists <tech-lists@zyxst.net> Cc: freebsd-hackers@freebsd.org Subject: Re: cost/benefit of some src.conf options Message-ID: <56F46324-59BB-4CC2-BE90-5FF63C4554ED@FreeBSD.org> In-Reply-To: <YF3pHo5Pj5Swm90O@ceres.zyxst.net> References: <YF3pHo5Pj5Swm90O@ceres.zyxst.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_1BBEE2DB-6E89-4047-819E-5893D270272F
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
On 26 Mar 2021, at 15:01, tech-lists <tech-lists@zyxst.net> wrote:
>=20
> Please can someone briefly explain the impact of the following, in
> an *arm64* stable/13 exposed-to-the-internet context:
>=20
> 1. WITH_INIT_ALL_PATTERN=3D
> 2. WITH_KERNEL_RETPOLINE=3D
> 3. WITH_RETPOLINE=3D
How briefly, exactly? Quoting src.conf(5), in order:
WITH_INIT_ALL_PATTERN
Set to build the base system or kernel with stack variables
initialized to (compiler defined) debugging patterns on =
function
entry. This option requires the clang compiler.
WITH_KERNEL_RETPOLINE
Set to enable the "retpoline" mitigation for CVE-2017-5715 =
in the
kernel build.
WITH_RETPOLINE
Set to build the base system with the retpoline speculative
execution vulnerability mitigation for CVE-2017-5715.
> these aren't enabled by default in arm64. Is there a reason for that?
First of all, because of the performance impact, which can be
significant depending on your specific use case. And secondly, because
compiling with non-default options tends to expose unexpected bugs in
the implementation. (Both in the compiler itself, and in the programs
which are compiled.)
That said, the retpoline mechanisms tend to be fairly well tested by
now, but will still have a non-negligible performance impact, maybe even
a large impact, depending on your workload. There is no simple answer
here, you will have to measure it for yourself.
The init pattern stuff is pretty new, and will almost certainly give
some unexpected effects, such as triggering assertions, and hopefully
exposing bugs. But you will most likely also run into corner cases that
are not handled well by the compiler and/or the software you are
building. The performance impact will certainly not be negligible due
to all the additional memory accesses. :)
-Dimitry
--Apple-Mail=_1BBEE2DB-6E89-4047-819E-5893D270272F
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.2
iF0EARECAB0WIQR6tGLSzjX8bUI5T82wXqMKLiCWowUCYF4sCQAKCRCwXqMKLiCW
o1TdAJ99tcnqySVzG2Z97uqsK1Cp+mXn7wCg9FSUokwCrukvMGTTUWUwkXhbf6M=
=7KwV
-----END PGP SIGNATURE-----
--Apple-Mail=_1BBEE2DB-6E89-4047-819E-5893D270272F--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56F46324-59BB-4CC2-BE90-5FF63C4554ED>