[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Aw: Re: Stretch kernel vulnerable to meltdown

> 15. März 2018, 18:05 Uhr, "Henrique de Moraes Holschuh":
>
> On Thu, 15 Mar 2018, Peter Steinmetz wrote:
> > should be fixed wrt meltdown. But I see this
> > # grep -R . /sys/devices/system/cpu/vulnerabilities/
> > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline
> > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
> > /sys/devices/system/cpu/vulnerabilities/meltdown:Vulnerable
> > 
> > Why / what am I missing?
> 
> Check the kernel boot log using either dmesg or "journalctl -k -b".
> Look for "Kernel/User page tables isolation".

Doesn't seem to be there.

> Here, that same kernel reports "Mitigation: PTI" in
> /sys/devices/system/cpu/vulnerabilities/meltdown
> 
> and:
> 
> # uname -rv ; journalctl -k -b | grep isolation
> 4.9.0-6-amd64 #1 SMP Debian 4.9.82-1+deb9u3 (2018-03-02)
> [redacted] kernel: Kernel/User page tables isolation: enabled

# journalctl -k -b | grep isolation; echo $?
1
#

This kernel is running as a Dom0-kernel on Xen. Might that be the reason?

Peter
Reply to: