Choose style:

Author Topic: Post Meltdown, Spectre and other Intel issues  (Read 2220 times)

0 Members and 1 Guest are viewing this topic.

Online pin

  • Trusted User
  • Member
  • *****
  • Posts: 706
  • Karma: 86
  • Peppermint User
    • View Profile
  • Peppermint version(s): Peppermint 7 Respin (64bit)

Online pin

  • Trusted User
  • Member
  • *****
  • Posts: 706
  • Karma: 86
  • Peppermint User
    • View Profile
  • Peppermint version(s): Peppermint 7 Respin (64bit)
Re: Post Meltdown, Spectre and other Intel issues
« Reply #1 on: January 19, 2018, 04:16:32 pm »
Just to leave some recent info on this issue here
http://kroah.com/log/blog/2018/01/19/meltdown-status-2/

Unfortunately, I've my Peppermint system back at my working place... but, I have both my systems updated and, therefore no reason to expect differences.
So, here is the output of the command in the link above on my Void system
Code: [Select]
[pin@awesomevoidmusl ~]$ uname -r
4.14.14_1
[pin@awesomevoidmusl ~]$ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal generic ASM retpoline

...just in case you would feel like checking your own system.

Good evening everyone
« Last Edit: January 19, 2018, 04:21:37 pm by pin »

Online murraymint

  • Trusted User
  • Veteran
  • *****
  • Posts: 1523
  • Karma: 268
  • soft boiled with a yolk of gold
    • View Profile
  • Peppermint version(s): 7, 8
Re: Post Meltdown, Spectre and other Intel issues
« Reply #2 on: January 19, 2018, 04:38:01 pm »
Code: [Select]
grep: /sys/devices/system/cpu/vulnerabilities/*: No such file or directory

Online pin

  • Trusted User
  • Member
  • *****
  • Posts: 706
  • Karma: 86
  • Peppermint User
    • View Profile
  • Peppermint version(s): Peppermint 7 Respin (64bit)
Re: Post Meltdown, Spectre and other Intel issues
« Reply #3 on: January 19, 2018, 05:04:14 pm »
Hi murraymint
It should be
Code: [Select]
grep . /sys/devices/system/cpu/vulnerabilities/*
and not
Code: [Select]
grep: /sys/devices/system/cpu/vulnerabilities/*: No such file or directory
i.e grep<space>.<space>/sys/... and not grep:<space>/sys/...

Online murraymint

  • Trusted User
  • Veteran
  • *****
  • Posts: 1523
  • Karma: 268
  • soft boiled with a yolk of gold
    • View Profile
  • Peppermint version(s): 7, 8
Re: Post Meltdown, Spectre and other Intel issues
« Reply #4 on: January 19, 2018, 05:20:43 pm »
Hi, I posted the output to your command, pasted exactly as you had it. It doesn't work on Peppermint 7 ( or 8 ).
« Last Edit: January 19, 2018, 06:56:00 pm by murraymint »

Online pin

  • Trusted User
  • Member
  • *****
  • Posts: 706
  • Karma: 86
  • Peppermint User
    • View Profile
  • Peppermint version(s): Peppermint 7 Respin (64bit)
Re: Post Meltdown, Spectre and other Intel issues
« Reply #5 on: January 20, 2018, 07:25:37 am »
 :o You're right?? Sorry!!
I've picked-up my Peppermint 7 laptop at work today and there is no vulnerabilities folder in
Code: [Select]
/sys/devices/system/cpu/

This folder is at the end of the PATH above on my Void system. Inside are three files; meltdown, spectre_v1 and spectre_v2

Where are these in Peppermint?

EDIT: Just checked my daughter's Bodhi system and these are not there either  :o
So, the question is actually, where did Ubuntu placed these files?
« Last Edit: January 20, 2018, 07:41:13 am by pin »

Online PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 19996
  • Karma: 2288
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8 Respin & 9 Alpha
Re: Post Meltdown, Spectre and other Intel issues
« Reply #6 on: January 20, 2018, 07:43:35 am »
Nowhere .. that directory is only created if the kernel is patched to create it.
https://mail-archive.com/linux-kernel@vger.kernel.org/msg1579615.html
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Online pin

  • Trusted User
  • Member
  • *****
  • Posts: 706
  • Karma: 86
  • Peppermint User
    • View Profile
  • Peppermint version(s): Peppermint 7 Respin (64bit)
Re: Post Meltdown, Spectre and other Intel issues
« Reply #7 on: January 20, 2018, 08:53:12 am »
@PCNetSpec
Any idea why Ubuntu choosed not to apply it?
Oh well, the most important is PTI patch anyway...

Skickat från min SM-G900F via Tapatalk


Online PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 19996
  • Karma: 2288
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8 Respin & 9 Alpha
Re: Post Meltdown, Spectre and other Intel issues
« Reply #8 on: January 20, 2018, 09:16:46 am »
None whatsoever, but if it were my decision I'd probably not have applied it either. There are testing tools to see if things like the retpoline kernel patches are in place though they probably only fully apply to vanilla kernels (and may unmodified give spurious info on the Ubuntu or other kernels) .. meltdown is already patched .. browsers have been patched to mitigate remote exploits (which wouldn't get mentioned in that directory) and any info in the directory created by that patch would only apply to the kernel, which:-

a) isn't enough info to draw any security conclusions from .. Spectre goes MUCH further than kernel only mitigations.
and
b) would just spark a lot of confusion from those that don't the understand the depth and breadth of the issue.

A LOT more than just the kernel is going to require patching a lot of which is still unknown, this will be an ongoing issue for some time yet with a lot of fixed packages being released .. that directory doesn't (in fact can't) give accurate or inclusive information so is IMHO fairly pointless.
« Last Edit: January 20, 2018, 09:22:51 am by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Online pin

  • Trusted User
  • Member
  • *****
  • Posts: 706
  • Karma: 86
  • Peppermint User
    • View Profile
  • Peppermint version(s): Peppermint 7 Respin (64bit)
Re: Post Meltdown, Spectre and other Intel issues
« Reply #9 on: January 20, 2018, 11:24:58 am »
I agree, the kernel is only one of the several points of attack, and I know I have applied the patches to it  8)

Offline TrentCoh

  • nOOb
  • *
  • Posts: 1
  • Karma: 0
  • New Forum User
    • View Profile
Re: Post Meltdown, Spectre and other Intel issues
« Reply #10 on: January 21, 2018, 12:05:11 pm »
Is this only hitting the Intel processors? I thought AMD ones have the same issue, and even the Apple ones too.

Online pin

  • Trusted User
  • Member
  • *****
  • Posts: 706
  • Karma: 86
  • Peppermint User
    • View Profile
  • Peppermint version(s): Peppermint 7 Respin (64bit)
Re: Post Meltdown, Spectre and other Intel issues
« Reply #11 on: January 21, 2018, 12:25:48 pm »
It's in another thread but, here you go.
The only immune cpu's are the raspberry pi's. Some of the AMD's, namely the zen's are, most probably, only affected by Spectre and not Meltdown.

Skickat från min SM-G900F via Tapatalk


Offline VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 3742
  • Karma: 706
  • Peppermint Mod
    • View Profile
Re: Post Meltdown, Spectre and other Intel issues
« Reply #12 on: January 21, 2018, 12:39:53 pm »
[...] and even the Apple ones too.

True!

Apple says Meltdown and Spectre flaws affect ALL Mac and iOS devices: https://goo.gl/gwFqyp

Online pin

  • Trusted User
  • Member
  • *****
  • Posts: 706
  • Karma: 86
  • Peppermint User
    • View Profile
  • Peppermint version(s): Peppermint 7 Respin (64bit)
« Last Edit: January 23, 2018, 01:52:26 pm by pin »

Online PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 19996
  • Karma: 2288
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8 Respin & 9 Alpha
Re: Post Meltdown, Spectre and other Intel issues
« Reply #14 on: January 23, 2018, 02:12:38 pm »
They REALLY should be clearer on what is patched and what isn't (and by what updates) .. I mean I had no issues with the microcode update, so would I be better off keeping it ?

And what's with the "and now the kernel is patched at 4.13.0-31" .. I thought it already was at 4.13.0-26 :-\

I realise this is a complex issue and not everything is known or fully understood yet, but surely they know what has been done up to this point. And surely they could spell out the implications of using either microcode so people can decide for themselves which suits them better >:(
(I mean what friggin bugs in the new microcode, and if I'm unaffected would I be better off keeping it ? .. I mean how friggin hard could that be to explain allowing ME to decide rather than this 'we know what's best for you, one size fits all', nannying)

This whole damn thing is being dealt with in a very un-linux semi-hidden way leaving people to have to dig for scraps of info from far and wide :(
« Last Edit: January 23, 2018, 02:46:53 pm by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec