So, yes, we the OpenBSD developers are not totally asleep and a handful of us are working out how to deal with Intel's fuck-up aka the Meltdown attack. While we have the advantage of less complexity in this area (e.g., no 32bit-on-64bit compat), there's still a pile of details to work through about what has to be *always* in the page tables vs what can/should/must be hidden.
Do KARL or other features of OpenBSD mitigate this? Not particularly. If you're running code from multiple trust domains then yeah, you're largely at risk. We have received *no* non-public information. I've seen posts elsewhere by other *BSD people implying that they receive little or no prior warning, so I have no reason to believe this was specific to OpenBSD and/or our philosophy. Personally, I do find it....amusing? that public announcements were moved up after the issue was deduced from development discussions and commits to a different open source OS project. Aren't we all glad that this was under embargo and strongly believe in the future value of embargoes? Unless something unexpected happens, we'll be applying the workaround to amd64 first and then working out what to do for i386 and arm* (if still though to be necessary for arm) after that. No promises on only applying it to Intel CPUs or knobs to disable it, yet: we'll see how complex that would make things. As always, our own developer laptops are the first targets, so we're invested in it working and being usable. Philip Guenther guent...@openbsd.org