The work talked about back in January for improving the 32-bit PAE Linux kernel code for Physical Address Extensions to better jive with the code around Page Table Isolation (PTI) for mitigating the Meltdown vulnerability could soon be merged.
Intel Linux engineer Dave Hansen has been working to simplify the Physical Address Extensions (PAE) page table handling code in conjunction with the Page Table Isolation code, which is enabled in most environments for security concerns around Meltdown. This is a nice simplification of the x86 kernel code to ease in maintenance but does come with the known cost of non-PTI PAE kernels seeing some excess bloat albeit not a widely expected configuration in the real-world. Hansen explains in today’s updated patch series:
“tl;dr: 32-bit PAE page table handing is a bit different when PTI is on and off. Making the handling uniform removes a good amount of code at the cost of not sharing kernel PMDs. The downside of this simplification is bloating non-PTI PAE kernels by ~2 pages per process.
Anyone who cares about security on 32-bit is running with PTI and PAE because PAE has the No-eXecute page table bit. They are already paying the 2-page penalty. Anyone who cares more about memory footprint than security is probably already running a !PAE kernel and will not be affected by this.”
Hansen says he plans on applying these patches soon unless issues are raised surrounding the code. Thus this Linux x86 32-bit clean-up could land with the Linux 6.16 kernel cycle this summer.