| Steve Litt on 4 Jan 2018 11:34:38 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] The mysterious case of the Linux Page Table Isolation patches |
On Thu, 4 Jan 2018 13:27:19 -0500 Rich Freeman <r-plug@thefreemanclan.net> wrote: > On Thu, Jan 4, 2018 at 1:12 PM, Steve Litt > <slitt@troubleshooters.com> wrote: > > By "disables the setting on AMD CPUs", do you mean disables KVM type > > hardware assisted Virtual Machines, or do you mean it disables > > something else? > > The issue has nothing to do with virtual machines specifically. Cool! [snip] > The AMD patch disables PTI on AMD processors. PTI is the mitigation > against meltdown, but not spectre (though I suspect it might help with > variant 2 of spectre). AMD CPUs are not vulnerable to meltdown. If > PTI isn't disabled it causes a significant performance penalty, so > disabling it on AMD is obviously desirable. My processor is an AMD dual core. Probably several others on this list have AMD processors. According to https://www.phoronix.com/scan.php?page=news_item&px=x86-PTI-EPYC-Linux-4.15-Test , the latest kernel updates enable PTI on AMD "just in case", but because AMD is so confident it's not needed, PTI will again be disabled in 4.15. For those wanting to repeal the performance hit on their AMD earlier, they can put "nopti" in their grub. I'd extrapolate that to say that anyone with Intel should check their grub system and make sure it doesn't contain "nopti". [snip] > > > > I can withstand a 30% performance hit, but I really need my Virtual > > Machines. > > > > If you're running Intel then you'll want PTI on in general, and that > will cause the performance hit. It won't hurt virtualization at all > other than the general hit. Note, the penalty might be worse on VMs > since both the hypervisor and guest kernel are likely to implement > PTI, which means two layers of performance hit on any system call that > ends up going out to the hypervisor. IIRC you can specify your processor in qemu, which means if true I could specify an AMD processor and hopefully turn the VM guest's PTI off. > Nothing being proposed will > prevent virtualization from working. This is very reassuring. Thanks, SteveT Steve Litt December 2017 featured book: Thriving in Tough Times http://www.troubleshooters.com/thrive ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug