Kernel – Urgent Changes in Latest Versions, to Fix Intel CPU Security..

Apparently, there has been a major security defect discovered in Intel CPUs, and full details have been embargoed until early-January, but there is a comprehensive article in The Register, here:  https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

The Linux Kernel devs have been working to provide a workaround, as – apparently – there is no other practical solution: https://lkml.org/lkml/2017/12/4/709

The article does hint that ‘hypervisors’ may also be affected, and so I would speculate that changes to VMware, as well as Xen, may be forthcoming..

The fix will add extra processing, and will affect the overall performance of Intel CPUs..

These changes are being incorporated in Kernel 4.14.11, and had already been incorporated in 4.15-rc6  (look for references to “PTI” and/or “PAGE_TABLE_ISOLATION” in the changelogs:
4.15-rc6:  http://lkml.iu.edu/hypermail/linux/kernel/1712.3/02898.html
4.14.11:   https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11

Robert Gadsdon.   January 2, 2018.  (updated January 3, 2018)


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.