Announcement

**Alex/AT** · 10 November 2020, 07:25 AM

Okay. Next step: accepting Intel CPUs are vulnerable and throwing the mitigations out in favor of proper fix

**RahulSundaram** · 10 November 2020, 09:34 AM

Originally posted by Alex/AT View Post

Okay. Next step: accepting Intel CPUs are vulnerable and throwing the mitigations out in favor of proper fix

You can't throw the mitigations out without throwing out the affected hardware since these are hardware issues.

**Alex/AT** · 10 November 2020, 09:41 AM

Originally posted by RahulSundaram View Post

You can't throw the mitigations out without throwing out the affected hardware since these are hardware issues.

You actually can. This will force either throwing out hardware, or accepting the risks.

**RahulSundaram** · 10 November 2020, 12:31 PM

Originally posted by Alex/AT View Post

You actually can. This will force either throwing out hardware, or accepting the risks.

In other words, in the real world, you really can't and there is zero chance of that happening.

**Alex/AT** · 10 November 2020, 01:26 PM

Originally posted by RahulSundaram View Post

In other words, in the real world, you really can't and there is zero chance of that happening.

Yeah, nobody could live without PTI before it existed and surely no one disables it now.
(as if)

**RahulSundaram** · 10 November 2020, 02:31 PM

Originally posted by Alex/AT View Post

Yeah, nobody could live without PTI before it existed and surely no one disables it now.
(as if)

Absolutely noone would ever remove patches for PTI from the upstream kernel while after the vulnerability was known and the patches were merged in and widely available and used and vulnerable hardware is widely used as well. Whether individuals disable it is up to them. That does not have any impact on upstream kernel. All of this should be obvious to you.

**kobblestown** · 10 November 2020, 03:18 PM

What is the state of PCID (Process Context IDentifier) support in Linux? The feature (the /proc/cpuinfo flag is called INVPCID) has been available on Intel processors since quite a while and is present in AMD new Zen 3 architecture. It seems to me it's a good fir for KPTI.

Also, support for it was available in VirtualBox on Windows (via a VBoxManage command). I wonder if KVM can do the same.

**Alex/AT** · 10 November 2020, 04:19 PM

Originally posted by RahulSundaram View Post

That does not have any impact on upstream kernel.

You should actually know there is an impact even in disabled state, tiny and negligible but present, even if not mentioning.

The biggest impact is in different place, not even in performance, but horrible performance being the reason of it.
It is a horrific set of crutches on duct tape right in the very heart of the kernel.
Starting from syscalls and memory management and ending in interrupt handling.

Whether it will shoot everyone in the leg one day or not, that's not clear yet.
Oracle attempt on amending it by adding more crutches and more tape is just another proof it should.

**RahulSundaram** · 10 November 2020, 05:43 PM

Originally posted by Alex/AT View Post

You should actually know there is an impact even in disabled state, tiny and negligible but present, even if not mentioning.

Assuming that is true, it doesn't change any of what I said. Linux kernel is never ever going to drop these mitigations as long as the hardware exists and is being used. Yes, it is complex and tricky to manage and it would be much nicer if we didn't have to deal with hardware bugs but that is simply not the world we live in.

Announcement

Oracle Proposing Change To Linux's KPTI Meltdown Mitigation

Oracle Proposing Change To Linux's KPTI Meltdown Mitigation

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment