Initial Spectre support in master, Meltdown sysctl also renamed

Matthew Dillon mattdillonbsd at gmail.com
Wed Jan 10 00:17:40 PST 2018


Correction, I meant IBRS, not IBPB.  IBPB support is forthcoming.  IBRS is a mode, IBPB is a barrier.

-Matt

Sent from my iPad

> On Jan 9, 2018, at 10:48 PM, Matthew Dillon <dillon at backplane.com> wrote:
> 
> DragonFlyBSD master now has initial spectre sysctl support, and the mmu isolation sysctl has been renamed.
> 
> machdep.meltdown_mitigation
> 
>     System automatically enables this by default on Intel CPUs.
>     Performance loss for normal workloads approximately 4%.
> 
> machdep.spectre_mitigation
> 
>    System automatically sets mode 1 if the microcode supports it.  Will be disabled if the microcode does not support it.  It is possible to load unofficial microcode at run-time and then set the sysctl, but it is a bit messy to obtain and decode the microcode in a format that cpucontrol understands.  I just posted the sequence.  But you need to pull the microcode from somewhere, too, if the normal packages don't have it (which they don't, yet).  This mitigation currently only messes with the IBPB bit (MSR 0x48=1).
> 
>    Performance loss for normal workloads depends on the cpu.  Approximately 12% on Haswell and 5% on Skylake.  This does NOT count the loss from the meltdown mitigation, so add them together.
> 
>    Modes supported:
> 
>     0    IBPB disabled, no Spectre mitigation
> 
>     1    IBPB enabled for kernel mode.
> 
>     2    IBPB enabled at all times.
> 
>     Note that mode 2 results in a HUGE performance loss.  Approximately 53% on Haswell and 24% on Skylake.  Mode 2 is not recommended at this time.
> 
>     Again, this sysctl will only operate if the machine's microcode supports the feature.
> 
> RetPoline work is in progress but it could be a while (up to a month) before we get a compiler capable of generating it fully integrated.
> 
> --
> 
> Generally speaking, we recommend letting the system select the defaults if safety and security are a concern.  We will try to pick reasonable settings.  It will turn on meltdown for Intel CPUs and it will use Spectre mode 1 for Intel CPUs if the microcode has the feature.  Once RetPoline is in place, some people may opt to turn off the Spectre mitigation.
> 
> I don't have any new AMD microcode for testing yet, so the Spectre mitigation is currently Intel-only.
> 
> -Matt
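An added audit script, not from the post or from the DragonFly BSD tree, that checks the two sysctls against the defaults the post recommends (meltdown on for Intel; Spectre mode 1 on Intel when the microcode supports it; mode 2 discouraged for its performance cost; Spectre sysctl Intel-only for now). The mode descriptions use IBRS, following the correction at the top of the thread. It reads the live sysctls when they exist; on any other system it falls back to constructed sample values so it still runs. The `sysctl` names are the ones in the post; the `hw.model` lookup for the CPU vendor is an assumption.

```shell
#!/bin/sh
# Added example: audit machdep.meltdown_mitigation and machdep.spectre_mitigation
# against the defaults recommended in the post. Not part of DragonFly BSD.

# read_sysctl NAME FALLBACK: print the live sysctl value if the key exists,
# otherwise the constructed FALLBACK so the script runs on any host.
read_sysctl() {
    v=$(sysctl -n "$1" 2>/dev/null) && [ -n "$v" ] && { printf '%s\n' "$v"; return 0; }
    printf '%s\n' "$2"
}

# describe_spectre_mode MODE: human-readable meaning of the sysctl value
# (mode names per the post, with IBPB corrected to IBRS per the follow-up).
describe_spectre_mode() {
    case "$1" in
        0) echo "mode 0: IBRS disabled, no Spectre mitigation" ;;
        1) echo "mode 1: IBRS enabled for kernel mode" ;;
        2) echo "mode 2: IBRS enabled at all times (large performance loss)" ;;
        *) echo "mode $1: unknown value"; return 1 ;;
    esac
}

# assess_mitigations VENDOR MELTDOWN SPECTRE
# Prints one finding per line. Returns 0 when the settings match the post's
# recommended defaults, 1 when something should be looked at.
assess_mitigations() {
    vendor=$1; meltdown=$2; spectre=$3; rc=0
    case "$vendor" in
        *Intel*)
            if [ "$meltdown" = "1" ]; then
                echo "OK: meltdown_mitigation enabled (about 4% cost)"
            else
                echo "WARN: meltdown_mitigation disabled on an Intel CPU"; rc=1
            fi
            case "$spectre" in
                1) echo "OK: spectre_mitigation $(describe_spectre_mode 1)" ;;
                0) echo "WARN: spectre_mitigation is 0 on an Intel CPU (microcode may lack the feature)"; rc=1 ;;
                2) echo "WARN: spectre_mitigation mode 2 is not recommended (53% Haswell / 24% Skylake)"; rc=1 ;;
                *) echo "WARN: spectre_mitigation has unexpected value '$spectre'"; rc=1 ;;
            esac ;;
        *)
            echo "INFO: non-Intel CPU; the Spectre sysctl is Intel-only at this time" ;;
    esac
    return $rc
}

# Live values where available, constructed sample values elsewhere.
cpu=$(read_sysctl hw.model "Intel(R) Core(TM) (constructed sample)")   # hw.model is an assumption
melt=$(read_sysctl machdep.meltdown_mitigation 1)
spec=$(read_sysctl machdep.spectre_mitigation 1)
echo "CPU: $cpu"
assess_mitigations "$cpu" "$melt" "$spec" || echo "Settings deviate from the recommended defaults."
```

The meltdown and Spectre costs stack, so a reported 12% Haswell Spectre hit is on top of the 4% meltdown hit; the script only flags configuration, it does not measure performance.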


