Hello Steven,

Στις 2020-11-26 18:04, swallach έγραψε:

attached at my comments.
like everything else, performance is always a function of the
implementation. same ISA, different implementation, different
performance.
there are several themes to this thread.
1. do nothing for rv57 (keep INTEL)
2. add a some trivial stuff to rv57 (va translation) - NOTE the
comment on what ARM has done
3. do something better for rv64 (currently intel has no rv64)

I'm trying to understand from your comments what ISA-related changes do you propose for Sv57/Sv64 other than the address space extension, the only comment I got is the TTBR0/1 split on ARM/ARM64. Also I don't see why Sv57/Sv64 should be treated differently security-wise, could you please clarify ?

KAISER/KPTI is a software mitigation for leakages initially related to KASLR (another software mitigation) and later on to kernel memory's contents (Meltdown). It was merged upstream when Meltdown was discovered, and as Jonathan mentioned the performance penalty can get much worse than 0.28% (some benchmarks here -> http://www.brendangregg.com/blog/2018-02-09/kpti-kaiser-meltdown-performance.html) which is why it remains an optional feature, and even when enabled in the kernel it's only activated for CPUS vulnerable to Meltdown (check out X86_BUG_CPU_INSECURE).

A bit off-topic: have in mind there is an on-going discussion on the TEE TG about a Supervisor-level PMP mechanism which can further isolate the kernel memory from the user even when no MMU is available.

Regards,
Nick