Intel Downfall mitigation

Thomas Monjalon thomas at monjalon.net
Tue Aug 15 11:20:50 CEST 2023

Previous message (by thread): [PATCH v3 7/7] eal: initialize worker threads once
Next message (by thread): [PATCH] doc: add NVIDIA BlueField-3 reference link
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello all,

Regarding the vulnerability recently discovered on Intel AVX CPU:
	https://downfall.page/
Some microcode fixes are published by Intel.

Should we mitigate the vulnerability in DPDK as well?
In general, AVX512 is disabled by default in DPDK.
Other AVX sizes are enabled if possible.

The memcpy 512 is enabled at compilation only with RTE_MEMCPY_AVX512.
For now, there is no switch for other memcpy paths.

There is a method to disable most SIMD code at runtime.
>From the application before EAL init:
	rte_vect_set_max_simd_bitwidth(RTE_VECT_SIMD_DISABLED)
or from user input:
	--force-max-simd-bitwidth=64
As far as I know it will disable any SIMD code (including AVX)
in most code paths except for rte_memcpy().

Opinions, comments?

Previous message (by thread): [PATCH v3 7/7] eal: initialize worker threads once
Next message (by thread): [PATCH] doc: add NVIDIA BlueField-3 reference link
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list