[mythtv-users] Meltdown effect on MythTV

Larry Finger Larry.Finger at lwfinger.net
Fri Jan 5 18:26:44 UTC 2018


More information concerning the Linux implementation for mitigation of Meltdown 
is available. The info below is copied from https://lkml.org/lkml/2018/1/4/775.

Sorting through the jargon, your mileage will vary depending on what features 
are found on your CPU.

A new kernel parameter is available called "pti" for Page Table Isolation. User 
and kernel space will use separate page tables to prevent any user process from 
using the side-channel approach. There will be a small performance hit and some 
memory increases. The feature can be turned off at build or run time, and will 
automatically be turned off for AMD processors.

The details of increased memory usage are as follows:

a. Each process now needs an order-1 page directory (PGD) instead of order-0. 
(Consumes 4k per process).

b. The 'cpu_entry_area' structure must be 2MB in size and 2MB aligned so that it 
can be mapped by setting a single Page Mid Directory (PMD) entry. This consumes 
nearly 2MB of RAM once the kernel is decompressed, but no space in the kernel 
image itself.

The details of CPU usage:

  a. CR3 manipulation to switch between the page table copies
     must be done at interrupt, syscall, and exception entry
     and exit (it can be skipped when the kernel is interrupted,
     though.)  Moves to CR3 are on the order of a hundred
     cycles, and are required at every entry and every exit.
  b. A "trampoline" must be used for SYSCALL entry.  This
     trampoline depends on a smaller set of resources than the
     non-PTI SYSCALL entry code, so requires mapping fewer
     things into the userspace page tables.  The downside is
     that stacks must be switched at entry time.
  c. Global pages are disabled for all kernel structures not
     mapped into both kernel and userspace page tables.  This
     feature of the MMU allows different processes to share TLB
     entries mapping the kernel.  Losing the feature means more
     TLB misses after a context switch.  The actual loss of
     performance is very small, however, never exceeding 1%.
  d. Process Context IDentifiers (PCID) is a CPU feature that
     allows us to skip flushing the entire TLB when switching page
     tables.  This makes switching the page tables (at context
     switch, or kernel entry/exit) cheaper.  But, on systems with
     PCID support, the context switch code must flush both the user
     and kernel entries out of the TLB.  The user PCID TLB flush is
     deferred until the exit to userspace, minimizing the cost.
  e. The userspace page tables must be populated for each new
     process.  Even without PTI, the shared kernel mappings
     are created by copying top-level (PGD) entries into each
     new process.  But, with PTI, there are now *two* kernel
     mappings: one in the kernel page tables that maps everything
     and one for the entry/exit structures.  At fork(), we need to
     copy both.
  f. In addition to the fork()-time copying, there must also
     be an update to the userspace PGD any time a set_pgd() is done
     on a PGD used to map userspace.  This ensures that the kernel
     and userspace copies always map the same userspace
     memory.
  g. On systems without PCID support, each CR3 write flushes
     the entire TLB.  That means that each syscall, interrupt
     or exception flushes the TLB.

Larry
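
Added example, not part of the original post or of the kernel text it quotes: a shell check that reports whether PTI is active on a host, whether the CPU advertises PCID (items d and g above), and whether the boot command line asks for PTI to be turned off. It assumes the "pti" and "pcid" flags in /proc/cpuinfo, the nopti and pti=off boot options, and the sysfs file /sys/devices/system/cpu/vulnerabilities/meltdown; the sample flag strings are constructed.

```shell
#!/bin/sh
# Inputs are passed as strings so the logic runs on constructed samples
# as well as on a live host (see --live at the bottom).

# Constructed samples, not captured from a real machine.
SAMPLE_PCID_FLAGS="fpu vme pcid sse4_2 invpcid pti"
SAMPLE_NOPCID_FLAGS="fpu vme sse2"

# has_word LIST WORD: succeed if WORD is a whole space-separated item of LIST.
has_word() {
    case " $1 " in *" $2 "*) return 0 ;; esac
    return 1
}

# pti_report FLAGS CMDLINE SYSFS: print a one-line summary.
#   FLAGS   - the "flags" value from /proc/cpuinfo
#   CMDLINE - contents of /proc/cmdline
#   SYSFS   - contents of the sysfs meltdown file ("" if the file is absent)
pti_report() {
    flags=$1; cmdline=$2; sysfs=$3
    case "$sysfs" in
        "Mitigation: PTI"*) state=enabled ;;
        "Not affected"*)    state=not-needed ;;  # e.g. AMD, where PTI is off
        "")                 state=unknown ;;     # kernel without the sysfs file
        *)                  state=disabled ;;
    esac
    # The kernel adds the "pti" flag to cpuinfo when isolation is active.
    if has_word "$flags" pti; then state=enabled; fi
    # Without PCID every CR3 write flushes the whole TLB (item g).
    if has_word "$flags" pcid; then pcid=yes; else pcid=no; fi
    # Flag hosts where the mitigation was requested off at boot.
    if has_word "$cmdline" nopti || has_word "$cmdline" pti=off; then
        req=yes
    else
        req=no
    fi
    echo "pti=$state pcid=$pcid boot_disable=$req"
}

# Live use: sh pti-check.sh --live
if [ "${1:-}" = "--live" ]; then
    live_flags=$(grep -m1 '^flags' /proc/cpuinfo | cut -d: -f2)
    pti_report "$live_flags" "$(cat /proc/cmdline)" \
        "$(cat /sys/devices/system/cpu/vulnerabilities/meltdown 2>/dev/null)"
fi
```

A result of pti=enabled with pcid=no marks the machines where the per-entry TLB flush cost described in item g applies.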


