Hacker News new | past | comments | ask | show | jobs | submit login
macOS 10.13.3 fixes the Intel KPTI issue (twitter.com/aionescu)
101 points by misterdata on Jan 3, 2018 | hide | past | favorite | 21 comments



10.13.2 actually.

>Say hello to the "Double Map" since 10.13.2 -- and with some surprises in 10.13.3

> Question: Is that right that there is need for 10.13.3 for full bug mitigation?

> No, sorry, did not mean to imply that. There are some changes in 10.13.3 but they shouldn't affect the quality of the mitigation _as far as I can see_


It's a nice surprise to read some good news about Apple's software engineering, for once.


“For a change.” They’ve got some deserved bad press lately, but “for once” is absurd.


I think this says more about the online culture which draws attention to problems real, exaggerated, and imaginary in equal levels.


With a memory set of about 1 month.


Any noticeable performance penalty? Any benchmarks?


From the Twitter thread:

> The performance drop on a system with PCID is minimal. Most Macs have PCID.

https://twitter.com/aionescu/status/948613035861553152


Could you eleblrate what PCID is and which models (CPUs) Support that?


Process context identifiers, which are basically tags for regions of cache/TLB, allowing for fast context switching on multi-CPU systems.

Introduced in Haswell I believe.


Reading the Twitter responses PCID was introduced with Westmere and INVPCID with Haswell.


Yes, what kind of real world performance will users notice?


This is the real question, too many people seem to be blindly throwing around "Regression of X%". Phoronix have put out some benchmarks for Linux [1][2]. As one may expect I/O seems to be hit noticeably given it's handled by the kernel.

[1] https://www.phoronix.com/scan.php?page=article&item=linux-41...

[2] https://www.phoronix.com/scan.php?page=article&item=linux-mo...


IO performance is actually more worrying than CPU performance IMO and the hit is considerable for PCIe SSDs.

So many applications depend on it. From databases to pro video, pro audio, etc.


The question becomes: does Apple need to compensate customers? If Ford sold a car with a certain amount of torque advertised, and then an ECU patch (due to emission problems) slashed that torque by 30%, you bet they’d have to compensate either monetarily or with a buyback. MacBooks go for as much as secondhand cars too.


That’s what Volkswagen and Bosch had to do to make amends for Dieselgate.


I imagine Apple, and all PC manufacturers.


What about 10.12 and earlier versions?


I hope so. As far as I know, the three latest OS X versions get Security Updates. So it should be 10.11+


10.12.6 + 2017-002 does not appear to patch this. I couldn't find any code related to double map, and sysenter did not change like in 10.13.2: https://twitter.com/lunixbochs/status/948763821933506560


Does it restore the passwordless login feature? :p


According to that tweet 10.13.2, the latest public release, fixes it and 10.13.3 will have some improvements.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: