VectorLinux

Please login or register.

Login with username, password and session length
Advanced search  

News:

Visit our home page for VL info. For support and documentation, visit the Vector Linux Knowledge Center or search the Knowledge Center and this Forum using the search box above.

Author Topic: meltdown and spectra?  (Read 1353 times)

overthere

  • Vectorian
  • ****
  • Posts: 1455
meltdown and spectra?
« on: January 19, 2018, 08:38:09 pm »

Shortly after release of 7.2 there was a kernel update for security, now meltdown and spectra require a patch? and affects all chips to my general understanding.

Question..was the kernel update built to the available 7.2 iso and also is there any news on the meltdown/spectra patch.

wondering if I will have to update kernel prior to patch as installing back to my laptop after some upgrades.

thanks
Logged
Everything Is Relative

nightflier

  • Administrator
  • Vectorian
  • *****
  • Posts: 4454
Re: meltdown and spectra?
« Reply #1 on: January 20, 2018, 04:03:31 am »

A new kernel with these patches is available. You need to use the "untested" repository.

http://forum.vectorlinux.com/index.php?topic=19139.msg106524#msg106524
Logged

overthere

  • Vectorian
  • ****
  • Posts: 1455
Re: meltdown and spectra?
« Reply #2 on: January 21, 2018, 05:16:41 pm »

currently have VL-std 7.2 installed to an acer aspire netbook.

It boots fine with the default .76 and also the .89

when booting .14 the screen distorts and nothing is readable, the desktop is not usable

if I "e" at grub and change vga=788 to something else and f10 it stops boot and gives choice to view options or continue..if I continue the system boots to desktop as expected and appears to function normally..also couple of acpi errors list at boot before screen distorts and after continue..added no apci and no apic during grub edit but no change..not sure how to edit grub effectively.

not that a lot of folks will use this hardware but do not have my laptop put back together yet,,had to tear down to clean intake

adding...the  best case on this hardware seems to be hit "e" at grub use the arrow keys to locate and remove vga=788 and hit f10. ignore the two acpi errors and sign in as usual.
« Last Edit: January 21, 2018, 08:25:32 pm by overthere »
Logged
Everything Is Relative

overthere

  • Vectorian
  • ****
  • Posts: 1455
Re: meltdown and spectra?
« Reply #3 on: January 21, 2018, 09:53:09 pm »

As the old lappy booted ok, thought I would try running the spectre-meltdown-checker from github

perhaps 32 bit remains vulnerable? anyone checked on 64 bit? or is the script from github a false sense of security. or in my case a indication to visit the recycle depot..lol

Code: [Select]
someone:$ su
Password:
You are working as root

root:# ./spectre-meltdown-checker.sh
Spectre and Meltdown mitigation detection tool v0.32

Checking for vulnerabilities against running kernel Linux 4.14.14 #1 SMP Thu Jan 18 14:37:24 CST 2018 i686
CPU is  Intel(R) Atom(TM) CPU N270   @ 1.60GHz

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Checking whether we're safe according to the /sys interface:  NO  (kernel confirms your system is vulnerable)
> STATUS:  VULNERABLE  (Vulnerable)

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Checking whether we're safe according to the /sys interface:  NO  (kernel confirms your system is vulnerable)
> STATUS:  VULNERABLE  (Vulnerable: Minimal generic ASM retpoline)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Checking whether we're safe according to the /sys interface:  NO  (kernel confirms your system is vulnerable)
> STATUS:  VULNERABLE  (Vulnerable)

A false sense of security is worse than no security at all, see --disclaimer
vector://home/someone/Downloads/spectre-meltdown-checker-master
root:#

Logged
Everything Is Relative

retired1af

  • Administrator
  • Vectorian
  • *****
  • Posts: 1471
Re: meltdown and spectra?
« Reply #4 on: January 21, 2018, 10:48:20 pm »

That script isn't really accurate. Author admits it may or  may not be valid.

Something we should also look at is updating the Intel microcode if it's possible.
Logged
ASUS K73 Intel i3 Dual Core 2.3GHz

overthere

  • Vectorian
  • ****
  • Posts: 1455
Re: meltdown and spectra?
« Reply #5 on: January 22, 2018, 12:07:00 am »

updating the browser(s) would also be part of addressing the issue.
Logged
Everything Is Relative

M0E-lnx

  • Administrator
  • Vectorian
  • *****
  • Posts: 3497
Re: meltdown and spectra?
« Reply #6 on: January 22, 2018, 11:51:42 am »

The 4.14 kernel is being built as they roll them out (it is also the next LTS, so it makes sense to switch to that).

About the meltdown/spectre bugs... bare in mind that there are no fixes for this stuff... what they're doing is adding mitigation patches.  The mitigation patches are being retroactively backported from what I understand.  I dont expect much of a focus on fixing 32bit, just because everyone is phasing 32-bit out.

Any input or test results from running that 4.14 kernel would be really helpful so we can shift focus on VL for that version.