Date: Fri, 26 Mar 2021 19:46:33 +0100
From: Dimitry Andric <dim@FreeBSD.org>
To: tech-lists <tech-lists@zyxst.net>
Cc: freebsd-hackers@freebsd.org
Subject: Re: cost/benefit of some src.conf options
Message-ID: <56F46324-59BB-4CC2-BE90-5FF63C4554ED@FreeBSD.org>
In-Reply-To: <YF3pHo5Pj5Swm90O@ceres.zyxst.net>
References: <YF3pHo5Pj5Swm90O@ceres.zyxst.net>

On 26 Mar 2021, at 15:01, tech-lists <tech-lists@zyxst.net> wrote:
>
> Please can someone briefly explain the impact of the following, in
> an *arm64* stable/13 exposed-to-the-internet context:
>
> 1. WITH_INIT_ALL_PATTERN=
> 2. WITH_KERNEL_RETPOLINE=
> 3. WITH_RETPOLINE=

How briefly, exactly? Quoting src.conf(5), in order:

WITH_INIT_ALL_PATTERN
        Set to build the base system or kernel with stack variables
        initialized to (compiler defined) debugging patterns on function
        entry. This option requires the clang compiler.

WITH_KERNEL_RETPOLINE
        Set to enable the "retpoline" mitigation for CVE-2017-5715 in the
        kernel build.

WITH_RETPOLINE
        Set to build the base system with the retpoline speculative
        execution vulnerability mitigation for CVE-2017-5715.

> these aren't enabled by default in arm64. Is there a reason for that?

First of all, because of the performance impact, which can be
significant depending on your specific use case. And secondly, because
compiling with non-default options tends to expose unexpected bugs in
the implementation. (Both in the compiler itself, and in the programs
which are compiled.)

That said, the retpoline mechanisms tend to be fairly well tested by
now, but will still have a non-negligible performance impact, maybe even
a large impact, depending on your workload. There is no simple answer
here, you will have to measure it for yourself.

The init pattern stuff is pretty new, and will almost certainly give
some unexpected effects, such as triggering assertions, and hopefully
exposing bugs. But you will most likely also run into corner cases that
are not handled well by the compiler and/or the software you are
building. The performance impact will certainly not be negligible due to
all the additional memory accesses.
:)

-Dimitry
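
Added example, not part of the original message and not FreeBSD code: a small C program showing what "stack variables initialized to debugging patterns" changes for a struct that is only partly written before being copied out. It assumes WITH_INIT_ALL_PATTERN corresponds to clang's -ftrivial-auto-var-init=pattern and that the fill byte for these types is 0xAA; struct reply and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

struct reply {                 /* hypothetical reply copied to a caller */
    char     tag;              /* the compiler inserts padding after this */
    unsigned len;
    char     name[16];
};

/* Writes only the meaningful members; padding and the tail of name[]
 * keep whatever value the object already had. */
static void set_fields(struct reply *r, const char *name) {
    size_t n = strlen(name);
    if (n > sizeof r->name)
        n = sizeof r->name;
    r->tag = 'R';
    r->len = (unsigned)n;
    memcpy(r->name, name, n);
}

/* Latent bug: r is never cleared, so stale stack bytes are copied out.
 * With pattern init those bytes become the compiler's fill pattern. */
static void build_reply_leaky(unsigned char *out, const char *name) {
    struct reply r;
    set_fields(&r, name);
    memcpy(out, &r, sizeof r);
}

/* Source-level fix: clear the whole object, padding included. */
static void build_reply_fixed(unsigned char *out, const char *name) {
    struct reply r;
    memset(&r, 0, sizeof r);
    set_fields(&r, name);
    memcpy(out, &r, sizeof r);
}

/* Count the bytes in buf that equal v (0xAA = assumed clang fill byte). */
static size_t count_bytes(const unsigned char *buf, size_t n, unsigned char v) {
    size_t hits = 0;
    for (size_t i = 0; i < n; i++)
        hits += (buf[i] == v);
    return hits;
}

int main(void) {
    unsigned char a[sizeof(struct reply)], b[sizeof(struct reply)];
    build_reply_leaky(a, "root");   /* constructed sample input */
    build_reply_fixed(b, "root");
    printf("leaky: %zu bytes of 0xAA, fixed: %zu bytes of 0x00\n",
           count_bytes(a, sizeof a, 0xAA), count_bytes(b, sizeof b, 0x00));
    return 0;
}
```

Building it once with plain `cc` and once with `clang -ftrivial-auto-var-init=pattern` and comparing the first count shows the unwritten bytes turning from arbitrary stack contents into a recognisable pattern.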