Even more Meltdown

Are you tired of hearing about Meltdown/Spectre yet?  Doesn’t matter!  The two sysctls for controlling mitigation in DragonFly have been renamed:

machdep.meltdown_mitigation
machdep.spectre_mitigation

They go to hopefully sensible defaults, but Matthew Dillon has done some testing to show the effects of each in various combinations.   (Update: more changes and tests.)  Note that this is not the final mitigation work; compilers (i.e. gcc) are being updated to include workarounds for this, so new gcc -> new compiler in DragonFly -> new defenses.  No silver bullet there, though.

3 Replies to “Even more Meltdown”

  1. Some of the performance deltas, ouch.

    Good work by Matt to characterize the impact.

  2. I don’t think Matt has yet been able to evaluate if he can backport – this work is all in master so far.

    If it is backportable, I do plan to roll a new 5.0.x release.

Leave a Reply

Your email address will not be published.