DragonFlyBSD Lands Fixes For Meltdown Vulnerability
Linux, macOS, and Windows has taken most of the operating system attention when it comes down to the recently-disclosed Meltdown vulnerability but the BSDs too are prone to this CPU issue. DragonFlyBSD lead developer Matthew Dillon has landed his fixes for Meltdown.
Hitting DragonFlyBSD's kernel Git code a short time ago were a set of four patches:
kernel - Intel user/kernel separation MMU bug fix part 1/3 - The initial bits for addressing the "Intel user/kernel separation MMU bug."
kernel - Intel user/kernel separation MMU bug fix part 2/3 - Cleanups and further kernel memory restrictions.
kernel - Intel user/kernel separation MMU bug fix part 3/3 - Wrapping up the changes. Also confirmation that system call performance is reduced, similar to Linux, when the isolation is enabled. DragonFly reports that system calls go from about 100ns to ~350ns. In typcial workloads they say you should "not lose more than 5% performance or so. System-call heavy and interrupt-heavy workloads (network, database, high-speed storage, etc) can lose a lot more performance."
kernel - Intel user/kernel separation MMU bug fix part 4 - "This completes 99% of the meltdown mitigation work, implementing a feature which isolates user and kernel page tables." This machdep.isolated_user_pmap feature is automatically enabled for all Intel CPUs.
Hitting DragonFlyBSD's kernel Git code a short time ago were a set of four patches:
kernel - Intel user/kernel separation MMU bug fix part 1/3 - The initial bits for addressing the "Intel user/kernel separation MMU bug."
kernel - Intel user/kernel separation MMU bug fix part 2/3 - Cleanups and further kernel memory restrictions.
kernel - Intel user/kernel separation MMU bug fix part 3/3 - Wrapping up the changes. Also confirmation that system call performance is reduced, similar to Linux, when the isolation is enabled. DragonFly reports that system calls go from about 100ns to ~350ns. In typcial workloads they say you should "not lose more than 5% performance or so. System-call heavy and interrupt-heavy workloads (network, database, high-speed storage, etc) can lose a lot more performance."
kernel - Intel user/kernel separation MMU bug fix part 4 - "This completes 99% of the meltdown mitigation work, implementing a feature which isolates user and kernel page tables." This machdep.isolated_user_pmap feature is automatically enabled for all Intel CPUs.
10 Comments