Intel CPU design flaw - FreeBSD affected?
Cy Schubert
Cy.Schubert at komquats.com
Wed Jan 3 01:12:01 UTC 2018
On January 2, 2018 4:56:48 PM PST, Michael Butler <imb at protected-networks.net> wrote:
>On 01/02/18 19:20, Cy Schubert wrote:
>> This Linux commit gives us a hint.
>>
>> https://lkml.org/lkml/2017/12//27/2
>
>Sadly, the articles I've read to date make no mention of which Intel
>silicon revs are vulnerable. However, the use of the PCID feature,
>which
>is only available on more recent CPUs, does seem to afford a slightly
>lesser performance hit when completely splitting the kernel and user
>address space mappings :-(
>
> imb
Yes.
You can see if your cpu supports pcid using cpuinfo from ports. Then look at input line 0x07 in the hexdump. Bit 0x0a of rbx will indicate if invpcid is available. We simply need to manipulate a copy of cr3 and reload it.
My amd gear in my basement isn't affected but my laptop is. It supports pcid but not invpcid.
There will be a performance hit. Looking at the Linux patch, looks like the workaround is optional. I would suspect not through a sysctl, that would be silly.
---
Cy Schubert
<Cy.Schubert at cschubeet.com> or <cy at freebsd.org>
-- small keyboard in use, apologies for typos and autocorrect --
More information about the freebsd-current
mailing list