From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] kernel: enable page poisoning on x86_64
Date: Tue, 14 Apr 2020 15:33:51 +0100
Message-ID: <2913F6C2-3EE3-4E50-9F4D-BBC4136519CB@ipfire.org>
In-Reply-To: <fcbd1c89-4a64-51e9-cce6-311b0df2a264@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============4971619305377124196=="
List-Id: <development.lists.ipfire.org>

--===============4971619305377124196==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi,

Can you perform any performance benchmarks to see how much this impacts IPsec=
 and IPS throughput?

-Michael

> On 14 Apr 2020, at 15:32, Peter M=C3=BCller <peter.mueller(a)ipfire.org> wr=
ote:
>=20
> This is already active on i586 and prevents information leaks from freed
> data.
>=20
> Cc: Arne Fitzenreiter <arne.fitzenreiter(a)ipfire.org>
> Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
> ---
> config/kernel/kernel.config.x86_64-ipfire | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>=20
> diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kern=
el.config.x86_64-ipfire
> index b16d13504..f6819859d 100644
> --- a/config/kernel/kernel.config.x86_64-ipfire
> +++ b/config/kernel/kernel.config.x86_64-ipfire
> @@ -6387,7 +6387,9 @@ CONFIG_DEBUG_KERNEL=3Dy
> #
> # CONFIG_PAGE_EXTENSION is not set
> # CONFIG_DEBUG_PAGEALLOC is not set
> -# CONFIG_PAGE_POISONING is not set
> +CONFIG_PAGE_POISONING=3Dy
> +# CONFIG_PAGE_POISONING_NO_SANITY is not set
> +CONFIG_PAGE_POISONING_ZERO=3Dy
> # CONFIG_DEBUG_PAGE_REF is not set
> # CONFIG_DEBUG_RODATA_TEST is not set
> # CONFIG_DEBUG_OBJECTS is not set
> --=20
> 2.16.4


--===============4971619305377124196==--