Dear R0ller,
For more information, there is a nice Ars Technica article which
summarises things:
https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-heres-what-intel-apple-microsoft-others-are-doing-about-it/
There are two issues:
1. Meltdown
This is the one for which there is a clear fix, which is NOT to map
the kernel into the userland processes.
MINIX already does that almost entirely, by design as the OS
services are in separate userland processes.
All that is mapped is the microkernel itself, as mentioned by
Jean-Baptiste, as well as the pagetable directory and some buffers
while processing specific kernel calls.
Unless I am mistaken, as I have not read the patches being applied
in the Linux kernel and other OSes, they do more or less the same,
except that all the kernel services are mapped in a single address
space.
The speed impact of having two context switches per system call is
what MINIX, and any microkernel, have been paying for years.
We could adapt the microkernel to go even further, and only map a
single 4kB page, but I am not sure of how much this would change
compared to what we have now.
2. Spectre
This is the tricky one, which can't be entirely protected against
right now. This will need a precise analysis of the whole kernel
AND system libraries, AND specific applications to protect against
it.
That one, MINIX is certainly as vulnerable as any other OS,
microkernel or not.
Kind regards,
Lionel Sambuc