Add nospectre_v1 to kernel boot args and provide config option for users to remove it if desired
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Jim Somerville |
Bug Description
Brief Description
-----------------
The kernel version is StarlingX was recently updated to version 1062.1.2 to address the following CVEs:
https:/
https:/
https:/
With the new kernel, the cyclic test is showing significant performance degradation:
http://
This was isolated to the spectre_v1 mitigation which enabled the swapgs lfence barriers. Adding nospectre_v1 to the kernel boot args to disable swapgs restored the performance to the previous version of the kernel.
See comments in https:/
Given the importance of performance for StarlingX, the StarlingX security team agreed on Jan 13/2020 to add the nospectre_v1 to the kernel boot args and to provide a config option for users to remove it if they choose. This is in line with StarlingX's handling of the nospectre_v2 option. Both spectre variants will be controlled by the same sysinv config option.
Severity
--------
Major - serious performance impact
Steps to Reproduce
------------------
Run cyclictest on recent stx load
Expected Behavior
------------------
Expect no degradation between the 1062.1.2 kernel and the 957 kernel
Actual Behavior
----------------
There is a significant performance degradation
Reproducibility
---------------
Reproducible
System Configuration
-------
Any
Branch/Pull Time/Commit
-------
stx master as of 2020-01-03 (when new kernel was merged in master)
Last Pass
---------
Loads before the above date
Timestamp/Logs
--------------
Not required
Test Activity
-------------
Feature testing for kernel upgrade
Workaround
----------
N/A
summary: |
Add nospectre_v1 to kernel boot args and add config option for users to - remove it + remove it if desired |
summary: |
- Add nospectre_v1 to kernel boot args and add config option for users to - remove it if desired + Add nospectre_v1 to kernel boot args and provide config option for users + to remove it if desired |
description: | updated |
tags: | added: in-r-stx30 |
tags: | added: in-r-stx20 |
Required for stx master (stx.4.0), stx.3.0 & stx.2.0 given that the new kernel has been merged to all three branches.