The current state of kernel page-table isolation

Posted Dec 21, 2017 14:35 UTC (Thu) by dvrabel (subscriber, #9500)
In reply to: The current state of kernel page-table isolation by josh
Parent article: The current state of kernel page-table isolation

The go runtime uses (or has used, I've not checked if the latest version of go still does this) the LDT, so there are probably fewer systems out there that don't need LDT support than you think.

The current state of kernel page-table isolation

Posted Dec 21, 2017 15:25 UTC (Thu) by luto (guest, #39314) [Link] (2 responses)

Indeed: https://github.com/golang/go/issues/14795

The Go runtime is, in my experience, really quite crappy. This isn't the first time it's been caught using a wildly outdated kernel feature.

The current state of kernel page-table isolation

Posted Dec 25, 2017 20:20 UTC (Mon) by roc (subscriber, #30627) [Link]

And "redzone? what redzone?"

The current state of kernel page-table isolation

Posted Dec 27, 2017 16:47 UTC (Wed) by zlynx (guest, #2285) [Link]

It's still better than container runtimes last updated in 2010.