On Thu, May 14, 2020 at 7:31 PM Sreyan Chakravarty <sreyan32(a)gmail.com> wrote:
I am in the process of reading this detailed article about the bug:
https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html
Meanwhile, I wanted to know if any one here has the same problem and
what they did for mitigations.
Your linked document [1] describes in detail how to mitigate and also
lists the associated performance degradation.
LWN also provides a good summary for L1TF [2].
On my private machines with older CPUs, I tend to use mitigations=off
to disable all CPU mitigation techniques introduced since Meltdown in
order to gain some performance back. I/O and context switches in
general are really slow with enabled mitigations on Sandy and Ivy
Bridge, so I am willing to take some risks on these platforms, which
is of course not recommended and possibly a really bad idea :-)
$ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/itlb_multihit:KVM: Vulnerable
/sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE
Inversion; VMX: vulnerable
/sys/devices/system/cpu/vulnerabilities/mds:Vulnerable; SMT vulnerable
/sys/devices/system/cpu/vulnerabilities/meltdown:Vulnerable
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable: __user
pointer sanitization and usercopy barriers only; no swapgs barriers
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable, IBPB:
disabled, STIBP: disabled
/sys/devices/system/cpu/vulnerabilities/tsx_async_abort:Not affected
[1]
https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html#miti...
[2]
https://lwn.net/Articles/762570/