On Thu, Jan 4, 2018 at 2:15 PM, P Levine <plevine457@gmail.com> wrote:

I'm not sure if it's been mentioned here before but there apparently is a bug affecting all Intel CPUs manufactured in the last 10 years or so, in which protected kernel memory is leaked to userspace. It can't be patched in microcode and will lead to some serious overhead to patch in the OS. See, Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit In Windows And Linux and Meltdown and Spectre.

Reported at Bug 643360.

Its been mentioned in another thread, but I guess its a bit off topic there.

Project Zero (Google) found it;

https://googleprojectzero.blogspot.com.au/2018/01/reading-privileged-memory-with-side.html

Phoronix has done some benchmarks on the impact of the kernel based workaround ([Kernel] Page Table Isolation (PSI) nee Kaiser)

https://www.phoronix.com/scan.php?page=article&item=linux-more-x86pti&num=1