#1 2018-01-04 12:44:44

jimjamz

Member

From: Nagasaki, Japan

Registered: 2016-04-04

Posts: 97

Spectre & Meltdown: Intel CPU fix for BL Helium or earlier?

This article seems to be doing the rounds a lot today (especially in the office) so I was just wondering how will BL be affected by the potential patch?  The main concern seems to be the performance penalty that will be suffered as a result of separating the kernel's memory completely from user processes using KPTI.

Are we likely to inherit a Debian fix and add it immediately in the current BL release?

earlybird

ほやほや

Registered: 2015-12-16

Posts: 738

Website

Re: Spectre & Meltdown: Intel CPU fix for BL Helium or earlier?

This article seems to be doing the rounds a lot today (especially in the office) so I was just wondering how will BL be affected by the potential patch?  The main concern seems to be the performance penalty that will be suffered as a result of separating the kernel's memory completely from user processes using KPTI.

Are we likely to inherit a Debian fix and add it immediately in the current BL release?

Helium: Definitely.

Hydrogen: Can't tell for sure yet, but given that jessie is only oldstable, chances are very good.

You can watch for a fixed kernel package using the Debian Security Tracker and the relevant CVEs. As soon as a fixed kernel for a given Debian suite has been released, it'll be marked as such:

• https://security-tracker.debian.org/tra … -2017-5753 (Spectre)

• https://security-tracker.debian.org/tra … -2017-5715 (Spectre)

• https://security-tracker.debian.org/tra … -2017-5754 (Meltdown)

Head_on_a_Stick

Member

From: London

Registered: 2015-09-29

Posts: 8,759

Website

Re: Spectre & Meltdown: Intel CPU fix for BL Helium or earlier?

The main concern seems to be the performance penalty

The protections applied by the new patches can be disabled via a kernel command line parameter to restore the vulnerable behaviour.

It's probably worth noting that only applications which make heavy use of syscalls (such as virtualisation) will suffer badly, most desktop programs will only slow down by ~1-2% (hopefully).

EDIT: https://www.phoronix.com/scan.php?page= … 6pti&num=2

Last edited by Head_on_a_Stick (2018-01-04 18:30:00)

---

“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

vinzv

Member

Registered: 2017-09-12

Posts: 185

Website

Re: Spectre & Meltdown: Intel CPU fix for BL Helium or earlier?

Are we likely to inherit a Debian fix and add it immediately in the current BL release?

As Kernel series 4.14, 4.9, 4.4, 3.16, 3.18 and 3.12 LTS got patched in upstream already I assume it won't take too long until Debian's kernels get updated as well, at least for Jessie and upwards.