[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Stretch kernel vulnerable to meltdown

On Thu, 15 Mar 2018, Peter Steinmetz wrote:
> should be fixed wrt meltdown. But I see this
> # grep -R . /sys/devices/system/cpu/vulnerabilities/
> /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline
> /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
> /sys/devices/system/cpu/vulnerabilities/meltdown:Vulnerable
> 
> Why / what am I missing?

Check the kernel boot log using either dmesg or "journalctl -k -b".
Look for "Kernel/User page tables isolation".

Here, that same kernel reports "Mitigation: PTI" in
/sys/devices/system/cpu/vulnerabilities/meltdown

and:

# uname -rv ; journalctl -k -b | grep isolation
4.9.0-6-amd64 #1 SMP Debian 4.9.82-1+deb9u3 (2018-03-02)
[redacted] kernel: Kernel/User page tables isolation: enabled

-- 
  Henrique Holschuh
Reply to: