Re: Is Debian Linux protected against the Meltdown and Spectre security flaws?

To: debian-user@lists.debian.org
Subject: Re: Is Debian Linux protected against the Meltdown and Spectre security flaws?
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Mon, 26 Feb 2018 12:03:39 -0300
Message-id: <[🔎] 20180226150339.3tqpvwlsek3qlz7k@khazad-dum.debian.net>
In-reply-to: <[🔎] slrnp985ar.2o0.curty@einstein.electron.org>
References: <[🔎] CAB=k8WKVYoLY2f1+0BpduugZUAyyQRKQp3QiD8BwquN6-iT7MA@mail.gmail.com> <[🔎] 20180223124339.kpzelwd7h6okwx6m@p5k.home> <[🔎] CANc=Sd0C6g79L1b0jiSENuebS+ZftAZ0jwDjjhXk5OYp6_x=Zw@mail.gmail.com> <[🔎] 20180223134200.fxfj74gxch3c3c6r@p5k.home> <[🔎] slrnp985ar.2o0.curty@einstein.electron.org>

On Mon, 26 Feb 2018, Curt wrote:
> What does that mean 'bugs           : cpu_meltdown spectre_v1 spectre_v2
> exactly?

It it is supposed to mean your processor has those defects.  It does not
say anything about the mitigation strategy being employed to avoid those
defects.

Obviously, that thing is buggy, since it is listing cpu_meltdown on an
AMD box...  meh.

Hopefully to be corrected by the next round of kernel updates, along
with an updated Intel microcode blacklist, required to use the microcode
updates Intel "un-recalled" :p

> curty@einstein:~$ grep . /sys/devices/system/cpu/vulnerabilities/*
> /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected

At least this one is correct...

> /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> pointer sanitization
> /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD
> retpoline

And so are those.

> The directly above seems more comforting in its verbose clarity somehow.

Indeed.

-- 
  Henrique Holschuh

Reply to:

References:
- Re: Re: Is Debian Linux protected against the Meltdown and Spectre security flaws?
  - From: Julien Aubin <julien.aubin@gmail.com>
- Re: Re: Is Debian Linux protected against the Meltdown and Spectre security flaws?
  - From: Reco <recoverym4n@gmail.com>
- Re: Re: Is Debian Linux protected against the Meltdown and Spectre security flaws?
  - From: Michael Fothergill <michael.fothergill@gmail.com>
- Re: Re: Is Debian Linux protected against the Meltdown and Spectre security flaws?
  - From: Reco <recoverym4n@gmail.com>
- Re: Is Debian Linux protected against the Meltdown and Spectre security flaws?
  - From: Curt <curty@free.fr>

Prev by Date: Re: An *operator's guide to fvwm?
Next by Date: Re: An *operator's guide to fvwm?
Previous by thread: Re: Is Debian Linux protected against the Meltdown and Spectre security flaws?
Next by thread: Re: Is Debian Linux protected against the Meltdown and Spectre security flaws?
Index(es):
- Date
- Thread