Bug #8956
closedImplement KPTI
100%
Description
With the following vulnerabilities now disclosed and in the wild, would the OpenIndiana kernel need a similar KPTI change that has been introduced throughout Linux environments?
https://nvd.nist.gov/vuln/detail/CVE-2017-5754
https://nvd.nist.gov/vuln/detail/CVE-2017-5753
https://nvd.nist.gov/vuln/detail/CVE-2017-5715
Updated by Dan McDonald over 5 years ago
This is beyond OpenIndiana, and affects all of illumos. Someone with admin privileges here should and will reclassify this bug as an illumos one.
Updated by Robert Mustacchi over 5 years ago
- Project changed from OpenIndiana Distribution to illumos gate
- Category changed from Security to kernel
- Assignee set to Robert Mustacchi
- Difficulty set to Hard
- Tags deleted (
needs-triage)
Yes, we're working on this. We'll be letting folks know when we have initial patches to test on the developer mailing list.
Updated by John Levon over 5 years ago
- Assignee changed from Robert Mustacchi to John Levon
Updated by John Levon over 5 years ago
An overview of the fix approach/design can be found here:
https://blog.cooperi.net/a-long-two-months
http://blog.movementarian.org/2018/02/pcid-support-on-illumos.html
Updated by John Levon over 5 years ago
- Subject changed from Meltdown and Spectre - KPTI implementation to Implement KPTI
Updated by Electric Monk over 5 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
git commit 74ecdb5171c9f3673b9393b1a3dc6f3a65e93895
commit 74ecdb5171c9f3673b9393b1a3dc6f3a65e93895 Author: John Levon <john.levon@joyent.com> Date: 2018-04-10T14:37:19.000Z 8956 Implement KPTI Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com> Reviewed by: Robert Mustacchi <rm@joyent.com> Approved by: Gordon Ross <gwr@nexenta.com>
Updated by Electric Monk over 5 years ago
git commit 139ef88f7450e3f31a633bfb9428cbdc881bee74
commit 139ef88f7450e3f31a633bfb9428cbdc881bee74 Author: Dan McDonald <danmcd@joyent.com> Date: 2018-04-10T16:01:06.000Z 8956 Implement KPTI (fix cstyle)