Hi! nopti or pti=off in kernel options should disable some of the kpti. I haven't tried it yet though, so give it a whirl.
https://en.wikipedia.org/wiki/Kernel_page-table_isolation <https://en.wikipedia.org/wiki/Kernel_page-table_isolation> Kind Regards, David Majchrzak > 5 jan. 2018 kl. 11:03 skrev Xavier Trilla <xavier.tri...@silicontower.net>: > > Hi Nick, > > I'm actually wondering about exactly the same. Regarding OSDs, I agree, there > is no reason to apply the security patch to the machines running the OSDs -if > they are properly isolated in your setup-. > > But I'm worried about the hypervisors, as I don't know how meltdown or > Spectre patches -AFAIK, only Spectre patch needs to be applied to the host > hypervisor, Meltdown patch only needs to be applied to guest- will affect > librbd performance in the hypervisors. > > Does anybody have some information about how Meltdown or Spectre affect ceph > OSDs and clients? > > Also, regarding Meltdown patch, seems to be a compilation option, meaning you > could build a kernel without it easily. > > Thanks, > Xavier. > > -----Mensaje original----- > De: ceph-users [mailto:ceph-users-boun...@lists.ceph.com] En nombre de Nick > Fisk > Enviado el: jueves, 4 de enero de 2018 17:30 > Para: 'ceph-users' <ceph-users@lists.ceph.com> > Asunto: [ceph-users] Linux Meltdown (KPTI) fix and how it affects performance? > > Hi All, > > As the KPTI fix largely only affects the performance where there are a large > number of syscalls made, which Ceph does a lot of, I was wondering if anybody > has had a chance to perform any initial tests. I suspect small write > latencies will the worse affected? > > Although I'm thinking the backend Ceph OSD's shouldn't really be at risk from > these vulnerabilities, due to them not being direct user facing and could > have this work around disabled? > > Nick > > _______________________________________________ > ceph-users mailing list > ceph-users@lists.ceph.com > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com > _______________________________________________ > ceph-users mailing list > ceph-users@lists.ceph.com > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
