PowerPC Memory Protection Keys In For Linux 4.16, Power Has Meltdown Mitigation In 4.15

Written by Michael Larabel in Linux Kernel on 22 January 2018 at 10:49 AM EST. 2 Comments
LINUX KERNEL
Linux's POWER code with the upcoming Linux 4.16 cycle will introduce support for PowerPC Memory Protection Keys. With the current Linux 4.15 cycle is also initial Meltdown mitigation for these CPUs too.

Memory protection keys provides a means of enforcing page-based protections without the need for modification of page tables when an application changes protection domains. The many commits adding this Power memory protection key support is now staged in their PowerPC -next tree.

Back during the Linux 4.6 days is when Intel added their memory protection keys support to the Linux kernel that is of similar nature to this IBM POWER work. More details on Intel's MPK support within this article. Besides the kernel-side bits, there has also been memory protection key additions to the GCC compiler and Glibc too.

While on the topic of the Linux kernel's support for the POWER architecture with it not being something we cover frequently, IBM did get its initial Meltdown prevention support into the Linux 4.15 kernel. For at least Power7/Power8/Power9, they are preventing the Meltdown vulnerability by flushing the L1-D cache on exit from kernel to user mode and from hypervisor to guest. They wrote in that commit, " At this time we do not know the status of the vulnerability on other CPUs such as the 970 (Apple G5), pasemi CPUs (AmigaOne X1000) or Freescale CPUs. As more information comes to light we can enable this, or other mechanisms on those CPUs." More details on their exposure to Meltdown for POWER CPUs can be found in that aforelinked commit.

The RFI flushing for POWER does have an impact on performance as noted in the code work, but with having no access to POWER hardware here, I am not able to run any tests on the actual impact. For those concerned about the performance degredation, it is possible to disable the flushing albeit at that potential security risk.
2 Comments
Related News
Linux 6.10 Goes Ahead In Removing Sysctl Sentinel Bloat
Linux 6.9-rc7 Released: The Kernel Is Looking Good
DRM Buddy & AMDGPU Wired Up For Clear Page Tracking In Linux 6.10
Linux 6.9-rc6 Released With This Kernel Looking "Pretty Normal"
Linux 6.9-rc5 Released: The Diffstat "Looks A Bit Wonky" But Not Bad
Linux 6.9-rc5 Picking Up Fixes For Intel FRED, BHI & GFNI/VAES Checks
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
systemd Rolling Out "run0" As sudo Alternative
Linux Mint Looks To Fork More GNOME Software, Make XApp More Independent
Microsoft Updates Cascadia Code: Its Open-Source Font For Developers
Rust-Written Redox OS Gets USB Keyboards & Mice Working
NetBSD On The State & Future Of X.Org/X11
Framework Laptop EC Driver Being Prepared For Linux
Valve Working On Explicit Sync Support For "NVK" NVIDIA Vulkan Driver
Wine 9.8 Fixes Nearly 20 Year Old Bug For Installing Microsoft Office 97