Archives
Archives
| From: | Corbin Bird <corbinbird@×××××××.net> | ||
|---|---|---|---|
| To: | gentoo-user@l.g.o | ||
| Subject: | Re: [gentoo-user] Expect a ~15% average slowdown if you use an Intel processor | ||
| Date: | Thu, 04 Jan 2018 13:44:33 | ||
| Message-Id: | 92ab5d0f-6111-cdec-5443-4f0cb0712eaf@charter.net | ||
| In Reply to: | Re: [gentoo-user] Expect a ~15% average slowdown if you use an Intel processor by Adam Carter |
||
| 1 | On 01/03/2018 09:34 PM, Adam Carter wrote: |
| 2 | > |
| 3 | > Project Zero (Google) found it; |
| 4 | > https://googleprojectzero.blogspot.com.au/2018/01/reading-privileged-memory-with-side.html |
| 5 | > <https://googleprojectzero.blogspot.com.au/2018/01/reading-privileged-memory-with-side.html> |
| 6 | > |
| 7 | > |
| 8 | > Phoronix has done some benchmarks on the impact of the kernel |
| 9 | > based workaround ([Kernel] Page Table Isolation (PSI) nee Kaiser) |
| 10 | > https://www.phoronix.com/scan.php?page=article&item=linux-more-x86pti&num=1 |
| 11 | > <https://www.phoronix.com/scan.php?page=article&item=linux-more-x86pti&num=1> |
| 12 | > |
| 13 | > |
| 14 | > * |
| 15 | > * |
| 16 | > Re:AMD - Looks like Linus agrees that PTI is not required for AMD |
| 17 | > CPUs. Note that the project zero blog mentions that some AMD chips are |
| 18 | > subject to some issues*. *There's three CVEs*. |
| 19 | > * |
| 20 | > * |
| 21 | > * |
| 22 | > From: |
| 23 | > https://www.phoronix.com/scan.php?page=news_item&px=Linux-Tip-Git-Disable-x86-PTI* |
| 24 | > * |
| 25 | > *"Update:* Linus Torvalds has now ended up pulling |
| 26 | > <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=00a5ae218d57741088068799b810416ac249a9ce&utm_source=anz> |
| 27 | > the latest PTI fixes that also include the change to disable page |
| 28 | > table isolation for now on all AMD CPUs. The commit is in mainline for |
| 29 | > Linux 4.15 along with a few basic fixes and ensuring |
| 30 | > PAGE_TABLE_ISOLATION is enabled by default. " |
| 31 | |
| 32 | According to the Project Zero documentation .... having BPF JIT enabled |
| 33 | is the key to the exploit. |
| 34 | |
| 35 | The way the docs read ... can it be assumed that by having BPF JIT |
| 36 | disabled on an AMD, that blocks this exploit? |
| 37 | |
| 38 | Corbin |
| Subject | Author |
|---|---|
| Re: [gentoo-user] Expect a ~15% average slowdown if you use an Intel processor | Rich Freeman <rich0@g.o> |