[Beowulf] [upgrade strategy] Intel CPU design bug & security flaw - kernel fix imposes performance penalty

[Christopher Samuel]

On 08/01/18 09:18, Richard Walsh wrote:

> Mmm ... maybe I am missing something, but for an HPC cluster-specific
> solution ... how about skipping the fixes, and simply requiring all
> compute node jobs to run in exclusive mode and then zero-ing out user
> memory between jobs ... ??

If you are running other daemons with important content (say the munge
service that Slurm uses for authentication) then you risk the user being
able to steal the secret key from the daemon.

But it all depends on your risk analysis of course.

All the best!
Chris
-- 
  Chris Samuel  :  http://www.csamuel.org/  :  Melbourne, VIC