You are not logged in.

#101 2018-02-09 08:06:21

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

Microcode update information from Intel:

https://newsroom.intel.com/wp-content/u … idance.pdf

tl;dr: buy a different processor... cry

EDIT: check your microcode vision with:

grep microcode /proc/cpuinfo

Last edited by Head_on_a_Stick (2018-02-09 08:08:11)


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#102 2018-02-09 08:29:20

johnraff
nullglob
From: Nagoya, Japan
Registered: 2015-09-09
Posts: 5,231
Website

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

john@bunsen1:~$ grep microcode /proc/cpuinfo
microcode	: 0x4
microcode	: 0x4
microcode	: 0x4
microcode	: 0x4

That's bad, I guess?


John
--------------------
( a boring Japan blog , Japan Links, idle twitterings  and GitStuff )
In case you forget, the rules.

Offline

#103 2018-02-09 11:16:58

martix
Kim Jong-un Stunt Double
Registered: 2016-02-19
Posts: 1,267

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

^Same here.

Offline

#104 2018-02-09 15:09:04

ratcheer
Member
From: USA
Registered: 2015-10-05
Posts: 209

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

Mine says 0x29 (on my old i5 desktop system). Does that mean version 41? And even if that is correct, what does it mean?

Tim

Offline

#105 2018-02-09 20:15:40

cloverskull
Member
Registered: 2015-10-01
Posts: 307

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

Are there actually even any exploits that can take advantage of this vulnerability?

I mean, I get that we have to patch, and that we'll incur a hit on performance, but I'm just curious.

Also, anyone else run BL virtualized? I've noticed that post-patch, my user experience is very significantly degraded, regardless if I use my macbook or windows machine as the virtual host.

Offline

#106 2018-02-09 20:30:26

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

johnraff wrote:

That's bad, right?

ratcheer wrote:

what does it mean?

Check the PDF, it is colour-coded with a key.

Both 0x4 and 0x29 are marked as "Pre-Mitigation Production MCU" which is described thusly:

For products that have not yet released a Production MCU with mitigations for Variant 2 (Spectre), Intel recommends using this version of MCU. This does not impact mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown).

The "Production Status" is "Planning" so a fix is pending (I think).

cloverskull wrote:

anyone else run BL virtualized?

I'm running my test system with QEMU/KVM and it seems as fast as ever tbh, I keep forgetting that it's virtualised cool


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#107 2018-02-09 21:44:34

tknomanzr
BL Die Hard
From: Around the Bend
Registered: 2015-09-29
Posts: 1,029

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

I am running Bunsenlabs on a Surface Pro IV through Virtualbox 5.2.6. CPU usage seems to be higher and tends to spike more quickly. Typing through the Surface Pro IV seems to be very expensive, shooting CPU usage up to 60% or so.  I am not sure why typing would have that effect but it does. Also, I have to rebuild the VirtualBox guest additions kernel modules on every boot. I am not sure what I am missing that is causing that.

Offline

#108 2018-02-09 22:20:25

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

tknomanzr wrote:

I have to rebuild the VirtualBox guest additions kernel modules on every boot. I am not sure what I am missing that is causing that.

virtualbox-dkms — try the stretch-backports version (with the backported virtualbox package), security issues prevented it from making the release, IIRC.

Also, have you seen https://qemu.weilnetz.de/w64/? (If you have a Windows host)

Last edited by Head_on_a_Stick (2018-02-09 22:21:34)


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#109 2018-02-10 18:33:54

tknomanzr
BL Die Hard
From: Around the Bend
Registered: 2015-09-29
Posts: 1,029

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

Backporting the VirtualBox kernel modules seems to have helped considerably. I am now able to type with the CPU sitting at around 15% or so with no spiking.

Offline

#110 2018-02-11 11:30:18

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

Arch now has the IBPB fix but Alpine still has just the retpoline protection.

We now seem to have some Spectre V1 mitigation in place as well:

alpine:~$ grep -r . /sys/devices/system/cpu/vulnerabilities/ 
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal generic ASM retpoline
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
alpine:~$

What does an updated BunsenLabs system have to say for itself?


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#111 2018-02-12 03:00:10

johnraff
nullglob
From: Nagoya, Japan
Registered: 2015-09-09
Posts: 5,231
Website

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

^

john@helium-dev:~$ grep -r . /sys/devices/system/cpu/vulnerabilities/ 
grep: /sys/devices/system/cpu/vulnerabilities/: No such file or directory

John
--------------------
( a boring Japan blog , Japan Links, idle twitterings  and GitStuff )
In case you forget, the rules.

Offline

#112 2018-02-12 07:56:33

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

^ Thanks!

I think stevep mentioned that only the newer kernels have a vulnerabilities folder in /sys so I think that is expected.

Have you tried the vulnerability checker script?

https://github.com/speed47/spectre-meltdown-checker

Is anybody running the backported kernel? I think that should expose it's vulnerabilities in sysfs (so to speak).

At any rate, firefox-esr can't be used as an attack vector so it's only the Chrome users at risk... devil


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#113 2018-02-28 17:51:49

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

Debian have uploaded the vulnerability check script to the testing/unstable repositories, with a version in stretch-backports smile

The .deb should be installable in Hydrogen/Deuterium:

http://cdn-aws.deb.debian.org/debian/po … +1_all.deb

Run it with:

sudo spectre-meltdown-checker

“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#114 2018-03-26 19:53:52

martix
Kim Jong-un Stunt Double
Registered: 2016-02-19
Posts: 1,267

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

Meltdown and Spectre news calmed down - the Facebook-story hit the media. Still... Spectre is out there...

chips.th.jpg

Offline

Board footer

Powered by FluxBB