Thanks to the work done by Joyent on fixes for the Meltdown attack, we now have beta OmniOS updates available for testing. These updates include the KPTI (and PCID) work up to Joyent’s kpti-squash branch.

From Joyent:

Any and all testing is useful, especially with “weird” things like LDT-using code, older machines, etc.

The test update can be applied to a bloody system and will install into a new boot-environment so that you can easily switch back and forth as required.

# pkg update pkg
# pkg apply-hot-fix --be-name=kpti
# init 6

Useful commands

To check if you are running with KPTI enabled:

# echo kpti_enable/X | mdb -k

To check CPU features for PCID/INVPCID support:

# echo ::x86_featureset | mdb -k | grep -i pcid

To confirm PCID is being used (look for cr3 values starting with 0x8 as shown below):

# echo "cpus::print cpu_t cpu_m.mcpu_kpti.kf_user_cr3" | mdb -k
cpu_m.mcpu_kpti.kf_user_cr3 = 0x8000000800083001

Any problems or questions, please get in touch via the lobby or #omnios on Freenode