[OpenPower-Firmware] security fixes for meltdown/spectre on P8
Nathan Whitehorn
nwhitehorn at freebsd.org
Mon Mar 5 18:23:51 AEDT 2018
On 03/04/18 18:48, Michael Ellerman wrote:
>
> On 5 March 2018 10:27:37 am ACDT, Stewart Smith <stewart at linux.vnet.ibm.com> wrote:
>> Nathan Whitehorn <nwhitehorn at freebsd.org> writes:
>>> To hijack the thread slightly, is there an overview somewhere of what
>>> needs to be done at the OS level to support these fixes? We would
>>> obviously like to implement the OS-level changes for FreeBSD, but the
>>> only reference for even what the exposure of P8/9 to Spectre is seems
>> to
>>> be some moderately cryptic Linux commits.
>>> -Nathan
>> (bringing in the powerpc linux kernel maintainer)
>>
>> Umm... is there?
> Nothing public that I'm aware of. We are hoping to change that, but I can't promise anything.
>
> I thought the Linux commit messages were pretty descriptive, is there anything specific that's not clear? I might be able to fill in the blanks.
>
> cheers
>
I think I understand what is going on from the commit messages, but
there is not *quite* enough information to extrapolate from Linux to
other systems. Since this is a security issue, I feel particularly
uncomfortable trying to guess what our exposure might be and whether we
are doing the right things and would appreciate some more direct
documentation. This is especially true since our kernel works a bit
differently from Linux. For example, (at least until the Radix tree MMU
code lands) FreeBSD uses a fully split address space in which there are
no SLB entries pointed at the kernel when in any user-space program,
which I think should make us immune to Meltdown in any sane universe --
but, without some details on how L1D cache entries are tagged using
segmented addressing, it is hard to know for sure.
-Nathan
More information about the OpenPower-Firmware
mailing list