Re: Stretch kernel vulnerable to meltdown
On Thu, 15 Mar 2018, Peter Steinmetz wrote:
> should be fixed wrt meltdown. But I see this
> # grep -R . /sys/devices/system/cpu/vulnerabilities/
> /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline
> /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
> /sys/devices/system/cpu/vulnerabilities/meltdown:Vulnerable
>
> Why / what am I missing?
Check the kernel boot log using either dmesg or "journalctl -k -b".
Look for "Kernel/User page tables isolation".
Here, that same kernel reports "Mitigation: PTI" in
/sys/devices/system/cpu/vulnerabilities/meltdown
and:
# uname -rv ; journalctl -k -b | grep isolation
4.9.0-6-amd64 #1 SMP Debian 4.9.82-1+deb9u3 (2018-03-02)
[redacted] kernel: Kernel/User page tables isolation: enabled
--
Henrique Holschuh
Reply to: