On Fri, 20 Jul 2018 11:24:57 +0200, David Kastrup wrote:
>So the idea to take this into low-latency realms with a view on
>realtime effects seems a bit optimistic indeed.

;)

On Thu, 19 Jul 2018 22:52:45 -1000, _another_ david wrote:
>I first tried it with 4.13.x and decided that items like random
>kernel panics, system freezes and crashes weren't very good ways to
>defend against Spectre/Meltdown/DOS.

;) Actually freezes and crashes do defend against attacks :D. But you
are right, for Claws and Firefox I'm experiencing way too often serious
issues and for virtualbox at least way too often an annoyance for an
unexplained reason. I at least should test using it with PTI disabled.
The current default on my machine is:

[rocketmouse@archlinux ~]$ ls -hAl /sys/devices/system/cpu/vulnerabilities/; cat /sys/devices/system/cpu/vulnerabilities/*
total 0
-r--r--r-- 1 root root 4.0K Jul 20 10:12 meltdown
-r--r--r-- 1 root root 4.0K Jul 20 10:12 spec_store_bypass
-r--r--r-- 1 root root 4.0K Jul 20 10:12 spectre_v1
-r--r--r-- 1 root root 4.0K Jul 20 10:12 spectre_v2
Mitigation: PTI
Vulnerable
Mitigation: __user pointer sanitization
Mitigation: Full generic retpoline, IBPB, IBRS_FW

'nopti' only would disable PTI, but keep the spectre mitigations.

While PTI is part of the kernel, the spectre mitigations are likely
part of the µcode. However, if I would run my CPU without the µcode, I
perhaps would get rid of the spectre mitigation, but IIRC I
unfortunately would get rid of TSC, too.

_______________________________________________
Linux-audio-user mailing list
Linux-audio-user@xxxxxxxxxxxxxxxxxxxx
https://lists.linuxaudio.org/listinfo/linux-audio-user
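
An added example, not part of the original message: a small shell audit that pairs each file under the vulnerabilities directory with its status line (plain `cat *` prints the statuses without their names) and lists boot parameters that switch mitigations off. The function names and the sample directory are hypothetical; the sample files are constructed from the output quoted in the message.

```shell
#!/bin/sh
# Added example: audit CPU vulnerability status and mitigation boot flags.
# On a real system: report_vulns /sys/devices/system/cpu/vulnerabilities
#                   disabled_by_cmdline "$(cat /proc/cmdline)"

# report_vulns DIR: print "name: status" for every status file in DIR.
report_vulns() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        printf '%s: %s\n' "$(basename "$f")" "$(cat "$f")"
    done
}

# unmitigated DIR: print only the names whose status starts with "Vulnerable".
unmitigated() {
    report_vulns "$1" | sed -n 's/^\([^:]*\): Vulnerable.*/\1/p'
}

# disabled_by_cmdline "CMDLINE": print kernel parameters that turn a
# Meltdown/Spectre mitigation off (word splitting of $1 is intended).
disabled_by_cmdline() {
    for arg in $1; do
        case $arg in
            nopti|pti=off|nospectre_v2|spectre_v2=off|\
            nospec_store_bypass_disable|spec_store_bypass_disable=off)
                printf '%s\n' "$arg" ;;
        esac
    done
}

# Constructed sample directory mirroring the status lines quoted above.
sample=$(mktemp -d)
trap 'rm -rf "$sample"' EXIT
printf 'Mitigation: PTI\n' > "$sample/meltdown"
printf 'Vulnerable\n' > "$sample/spec_store_bypass"
printf 'Mitigation: __user pointer sanitization\n' > "$sample/spectre_v1"
printf 'Mitigation: Full generic retpoline, IBPB, IBRS_FW\n' > "$sample/spectre_v2"

echo "Status per vulnerability:"
report_vulns "$sample"
echo "Without mitigation:"
unmitigated "$sample"
echo "Mitigations disabled on a constructed command line:"
disabled_by_cmdline "BOOT_IMAGE=/vmlinuz-linux root=/dev/sda1 rw nopti"
```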