[svlug] Intel CPUs' Kernel Page Table Isolation (KPTI) fix

Sarah Newman newmans at sonic.net
Thu Jan 4 11:30:32 PST 2018


On 01/04/2018 12:44 AM, Rick Moen wrote:
> What's a 30% CPU performance hit between friends?
> 
> ----- Forwarded message from Vincent Deffontaines <vincent at gryzor.com> -----
> 
> Date: Wed, 03 Jan 2018 11:43:40 +0100
> From: Vincent Deffontaines <vincent at gryzor.com>
> To: debian-security at lists.debian.org
> Subject: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With
> 	Up To 30% Performance Hit
> 
> Greetings,
> 
> And happy new year.
> 
> This is hitting all of us soon.
> In short: a huge (and long lasting) hardware bug, present in about
> all Intel CPUs that have been sold for the last 10 years.
> It is not fixable by microcode, and requires ugly patching from the
> kernel layer . Other OSes such as Microsoft are concerned as well.

There are actually 3 different classes of vulnerabilities. It's not just intel. https://developer.arm.com/support/security-update

There will be microcode updates. I don't know if they will be needed for systems not running a VM.
https://lists.xenproject.org/archives/html/xen-devel/2018-01/msg00110.html



More information about the svlug mailing list