Date: Mon, 23 Nov 2020 13:27:34 +1100 From: Daniel Axtens <dja@...ens.net> To: oss-security@...ts.openwall.com Cc: cmr@...ormatik.wtf, ruscur@...sell.cc, npiggin@...il.com, mpe@...erman.id.au, spoorts2@...ibm.com Subject: Re: CVE-2020-4788: Speculation on incompletely validated data on IBM Power9 Hi, > This issue can be mitigated by flushing the L1 cache between privilege > boundaries of concern. There's been interest in the performance impact of doing this sort of flush. The impact depends on the workload, on how often the kernel is entered and for what, and on the particular flush mechanism supported by the machine. To take an unscientific example, I tested compiling a kernel. I dropped caches, did 1 build to warm the cache, and then 5 timed builds. The machine uses the mttrig flush. Wall clock time: neither flush: avg 98.796s (min 98.329s - max 99.229s) -- 100% entry flush: avg 99.061s (min 98.935s - max 99.188s) -- 100.27% both flushes: avg 99.158s (min 98.303s - max 99.683s) -- 100.37% As you can see, the performance impact for this test was less than 0.4% on this machine. I want to be clear that this isn't an official claim of performance under any particular configuration or workload. Your results may vary. As always, systems running in trusted environments can be booted with mitigations=off or the firmware 'risk level' adjusted to disable a range of speculative execution mitigations, including these. Kind regards, Daniel
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.