On servers I would compile apps with reptoline just to be on the safe side. Shaken believe in power of peer review in open source since years old bug in openssl to some extend makes it imaginable for other bugs to exists in user space that would allow remote reading of given memory sectors.
On desktop on the other hand I would trust the kernel to fully do the job of protecting kernel space from user space. It is job of all those patches after all.
Announcement
Collapse
No announcement yet.
Benchmarking Retpoline-Enabled GCC 8 With -mindirect-branch=thunk
Collapse
X
-
I wonder - is it required for full spectre mitigation to build userspace with retpolines?
I really hope it isn't - for the kernel I can disable meltdown as well as spectre mitigation to avoid the performance impact.
For userspace I guess it won't be that easy once built with retpolines.
Leave a comment:
-
Originally posted by jesusdf View PostI'm wondering... does the cpu scaling driver/governor make any difference with the meltdown/spectre patches?
Leave a comment:
-
I'm wondering... does the cpu scaling driver/governor make any difference with the meltdown/spectre patches?
Leave a comment:
-
Benchmarking Retpoline-Enabled GCC 8 With -mindirect-branch=thunk
Phoronix: Benchmarking Retpoline-Enabled GCC 8 With -mindirect-branch=thunk
We have looked several times already at the performance impact of Retpoline support in the Linux kernel, but what about building user-space packages with -mindirect-branch=thunk? Here is the performance cost to building some performance tests in user-space with -mindirect-branch=thunk and -mindirect-branch=thunk-inline.
Tags: None
Leave a comment: