ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Chat about just about anything else
blueredgreen
Level 2
Level 2
Posts: 79
Joined: Sun Jun 17, 2012 12:14 am

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by blueredgreen » Sun Jan 14, 2018 9:53 pm

thx-1138 wrote:blueredgreen, for the microcode update to have an effect:

1) you have to reboot first...and then run dmesg | grep microcode to verify it's date.
2) even then, it might just be that the latest microcode update doesn't yet provide support for your processor; theoritically, it should report a date later then 2017-06-01...
Thank you, I did reboot, I guess I will just keep watching my driver manager for newer updates, as I think it is unlikely my processor is "unaffected".
Image

User avatar
thx-1138
Level 5
Level 5
Posts: 619
Joined: Fri Mar 10, 2017 12:15 pm
Location: Athens, Greece

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by thx-1138 » Sun Jan 14, 2018 9:57 pm

blueredgreen, i3 processors are not unaffected... the flaw affects way much older versions as well:
https://www.intel.com/content/www/us/en ... cts.html#4
Other than that, yes - just keep your system regularly / properly updated (kernel 4.4.0-109 & firefox 57.0.4 have you covered...), install a newer microcode if / when it gets released, and you're set...

rene
Level 7
Level 7
Posts: 1719
Joined: Sun Mar 27, 2016 6:58 pm

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by rene » Sun Jan 14, 2018 10:01 pm

blueredgreen wrote:my cpu is an i3 u 380 and i am not sure if this exact cpu is even affected
That is a mobile first generation Core i3 (Arrandale) and indeed affected. Note that basically any CPU from the last 2 decades is to some degree affected by Spectre -- Intel certainly, AMD more marginally as far as known at this point -- and all CPU's produced by Intel from at least the last decade additionally by Meltdown. I.e., don't feel bad, you have a lot of company.

New microcode for your CPU concerning Meltdown and/or Spectre has not been released yet; only 3rd generation and up. The fact that you do see the 2013 microcode being applied at boot after installing it does mean that said 2013 microcode is both relevant for your CPU and is not yet being applied by your BIOS. You can keep it installed: it no doubt fixes some obscure corner case; read microcode-changelogs and google if interested. You can of course also go verify that a newer BIOS that incorporates that microcode isn't available for your system: if it is, it might have additional fixes/advantages and you wouldn't need Linux to apply the microcode even if you want the fix it brings. Given that you likely up to now hadn't experienced any issue without the 2013 microcode you may of course also elect to not give a hoot...

In any case: no Meltdown/Spectre-mitigating microcode has been released for your CPU yet.

User avatar
michael louwe
Level 8
Level 8
Posts: 2143
Joined: Sun Sep 11, 2016 11:18 pm

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by michael louwe » Mon Jan 15, 2018 1:55 am

@ neversaynever, .......
neversaynever wrote:...
.
According to this link ... https://askubuntu.com/questions/469199/ ... -wont-boot , it could be a Linux kernel bug present from kernel 3.13 onward(= LM 17.x onward). Maybe, your Acer Travelmate 8573T cannot run 64bit Linux due to the kernel bug = stick with Win 7 64bit.

User avatar
thx-1138
Level 5
Level 5
Posts: 619
Joined: Fri Mar 10, 2017 12:15 pm
Location: Athens, Greece

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by thx-1138 » Mon Jan 15, 2018 3:35 am

...just stumbled upon this while lurking around on phoronix... (ctrl+f, spectre_v2)...

Harfud
Level 1
Level 1
Posts: 30
Joined: Tue Dec 05, 2017 3:38 pm

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by Harfud » Mon Jan 15, 2018 6:52 am

So...

Another wave of Ubuntu kernel updates this week (should arrive through update manager)

Intel microcode updates for up to ten year old CPUs in the not too distant future, up to five year old mainly already done (should arrive through update manager)

Intel microcode updates for selected over ten year old CPUs once Intel have taken advice from hardware manufacturers as to which ones are still numerous in the field (should arrive through update manager)

Patched Chromium browser to be released 23rd Jan (assumably quickly into repositories for updates) Latest current version Strict-Site-Isolation switchable as a temporary fix.

Latest Firefox version fixed.

Seems very automated for Mint, although I'm needing to update microcode manually with LMDE2.

All credit to the devs I think, this nightmare is coming under control.

neversaynever
Level 1
Level 1
Posts: 19
Joined: Sat Jan 13, 2018 4:26 pm

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by neversaynever » Mon Jan 15, 2018 12:59 pm

@ michael louwe.....
michael louwe wrote:@ neversaynever, .......
neversaynever wrote:...
.
According to this link ... https://askubuntu.com/questions/469199/ ... -wont-boot , it could be a Linux kernel bug present from kernel 3.13 onward(= LM 17.x onward). Maybe, your Acer Travelmate 8573T cannot run 64bit Linux due to the kernel bug = stick with Win 7 64bit.
Wow! If that is the problem I think that the only solution is to change the PC with a newer one (with UEFI). I guess that the kernel bug will never be corrected (maybe nobody knows about it even). Do you know a way to be sure about the existence of this kernel bug which seems to affect only my PC ? Or to informe someone of Linux about that ?
Thank you for your patience

User avatar
Pjotr
Level 20
Level 20
Posts: 10157
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by Pjotr » Mon Jan 15, 2018 1:10 pm

neversaynever wrote:@ michael louwe.....
michael louwe wrote:According to this link ... https://askubuntu.com/questions/469199/ ... -wont-boot , it could be a Linux kernel bug present from kernel 3.13 onward(= LM 17.x onward). Maybe, your Acer Travelmate 8573T cannot run 64bit Linux due to the kernel bug = stick with Win 7 64bit.
Wow! If that is the problem I think that the only solution is to change the PC with a newer one (with UEFI). I guess that the kernel bug will never be corrected (maybe nobody knows about it even). Do you know a way to be sure about the existence of this kernel bug which seems to affect only my PC ? Or to informe someone of Linux about that ?
Thank you for your patience
I highly doubt that's the problem for you, because that particular bug report is more than three years old and concerns a totally different Ubuntu LTS (14.04).
Tip: 10 things to do after installing Linux Mint 18.3 Sylvia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
michael louwe
Level 8
Level 8
Posts: 2143
Joined: Sun Sep 11, 2016 11:18 pm

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by michael louwe » Tue Jan 16, 2018 2:59 am

http://www.zdnet.com/article/meltdown-s ... ty-issues/ (Meltdown-Spectre: More businesses warned off patching over stability issues - dated 15 Jan 2018)

User avatar
michael louwe
Level 8
Level 8
Posts: 2143
Joined: Sun Sep 11, 2016 11:18 pm

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by michael louwe » Fri Jan 19, 2018 2:33 am

http://www.zdnet.com/article/meltdown-s ... ter-patch/ (Meltdown-Spectre: Intel says newer chips also hit by unwanted reboots after patch - dated 18 Jan 2018)

http://news.softpedia.com/news/canonica ... 9448.shtml (Canonical Invites Ubuntu Users to Test Kernel Patches for Spectre Security Flaw - dated 18 Jan 2018)

User avatar
thx-1138
Level 5
Level 5
Posts: 619
Joined: Fri Mar 10, 2017 12:15 pm
Location: Athens, Greece

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by thx-1138 » Fri Jan 19, 2018 11:59 pm


User avatar
BigEasy
Level 6
Level 6
Posts: 1138
Joined: Mon Nov 24, 2014 9:17 am
Location: Chrząszczyżewoszyce, powiat Łękołody

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by BigEasy » Sat Jan 20, 2018 4:20 am

https://www.bleepingcomputer.com/news/s ... ot-issues/
P.S. still non-existent malware continues to make its victims. It is something like horror movies about zombies.
Windows assumes I'm stupid but Linux demands proof of it

User avatar
Faust
Level 4
Level 4
Posts: 324
Joined: Thu Jul 14, 2016 3:40 am

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by Faust » Sat Jan 20, 2018 4:56 am

BigEasy wrote:https://www.bleepingcomputer.com/news/s ... ot-issues/
P.S. still non-existent malware continues to make its victims. It is something like horror movies about zombies.
@BigEasy
Arrhh ..... Thank you !
That's the second time in the past few weeks that I've seen you make a highly intelligent comment on this .

Rushing to patch is a big mistake and risks causing far more harm than good .
There are now reports all over " The Sprawl" about borked systems caused by a rush to apply sub-standard patches ,
both for GNU/Linux , and that other OS .

" Act in haste , repent at leisure " ..... there is still some wisdom in those old sayings :)

Keep in mind that at this point in time .... THERE IS NO THREAT !
Thus far it is entirely imaginary , and even the proof-of-concept reports are highly speculative and shaky .
I can't find a single real-world exploit that has been reported yet , by any of the reputable security researchers ,
on any of the forums with a strong security focus or on any of the pen-testing websites .
And same goes for the hardware gurus ( eg. Positive Technologies ) .

There is nothing out there .

But there is certainly an epidemic of " Headless Chicken Syndrome " .

Sorry if it's a little bombastic ; I'm posting partly out of fun , partly out of devilment , but mainly
because I believe it to be true .

And I know a few pen-testers who don't mind going to dark places , but I'm told that there is nothing there either .

The time could be better spent searching under the bed for the bogey-man .
The result will be exactly the same ( there's nothing there ) although it may help some folks sleep better ,
and it will definitely NOT bork your system .
:mrgreen:
" And so it goes " - Kurt Vonnegut
The modern reality and the satirical parody are rapidly converging .

User avatar
Pjotr
Level 20
Level 20
Posts: 10157
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by Pjotr » Sat Jan 20, 2018 6:52 am

@Faust: for your amusement and inspiration, here's a translation of an old Dutch saying: "When the calf has drowned, one fills the pit".

Implying: it would have been better to fill the pit before the calf drowned. :wink:
Tip: 10 things to do after installing Linux Mint 18.3 Sylvia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
Faust
Level 4
Level 4
Posts: 324
Joined: Thu Jul 14, 2016 3:40 am

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by Faust » Sat Jan 20, 2018 10:19 am

Pjotr wrote:@Faust: for your amusement and inspiration, here's a translation of an old Dutch saying: "When the calf has drowned, one fills the pit".

Implying: it would have been better to fill the pit before the calf drowned. :wink:
Thanks Pjotr , I was both amused , and even a little inspired :D

That's similar to an old English one ..... " Shutting the stable door after the horse has bolted "
( Both are farming metaphors , that's interesting ).

Anyway , to stretch that analogy even further ...
What pit ?
There IS no pit .

And if a pit were to appear, then that is the appropriate time to think about filling it in .
If we simply run around filling non-existent pits , we will end up with mounds ,
of s... ...... something .

Either way , the calf is going to be just fine ( unless it falls off a mound of course ) .

And it's Saturday , and it's raining ....
" And so it goes " - Kurt Vonnegut
The modern reality and the satirical parody are rapidly converging .

User avatar
BigEasy
Level 6
Level 6
Posts: 1138
Joined: Mon Nov 24, 2014 9:17 am
Location: Chrząszczyżewoszyce, powiat Łękołody

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by BigEasy » Sat Jan 20, 2018 11:31 am

@Pjotr. Our saying is: "Do not run so fast to get to hell before parents" :wink:
Windows assumes I'm stupid but Linux demands proof of it

User avatar
Arch_Enemy
Level 6
Level 6
Posts: 1015
Joined: Tue Apr 26, 2016 3:28 pm

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by Arch_Enemy » Sat Jan 20, 2018 10:56 pm

Hmmm...when I use iucode-tool, this is what I get for a -S (scan):

iucode-tool: cpuid kernel driver unavailable, cannot scan system processor signatures
I have travelled 35629424162.9 miles in my lifetime

One thing I would suggest, create a partition a ~28G partition as /. Partition the rest as /Home.
When the system fails, reinstall and use the exact same username and all your 'stuff' comes back to you.

User avatar
Pjotr
Level 20
Level 20
Posts: 10157
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by Pjotr » Sun Jan 21, 2018 10:44 am

For testing whether your kernel has been patched against Meltdown, this appears to be a reliable test method:

Code: Select all

dmesg | grep isolation
It should return:

Code: Select all

[    0.000000] Kernel/User page tables isolation: enabled
Earlier unpatched kernels should return nothing at all for that command.

More information:
https://en.wikipedia.org/wiki/Kernel_pa ... _isolation
Tip: 10 things to do after installing Linux Mint 18.3 Sylvia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
ArtGirl
Level 4
Level 4
Posts: 392
Joined: Sat Apr 15, 2017 1:16 pm
Location: UK

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by ArtGirl » Sun Jan 21, 2018 11:21 am

Pjotr wrote:For testing whether your kernel has been patched against Meltdown, this appears to be a reliable test method:

Code: Select all

dmesg | grep isolation
Earlier unpatched kernels should return nothing at all for that command.
Thanks for the link. Unfortunately, I'm getting nothing show up when running the test, but am running the patched 4.4 and 4.13. Not sure what's happening there.
18.3 Mate 64bit
Radeon R9 255, Mesa 17.2.8, 4.15.0-13,
Lenovo x310, intel i7-4790, 16 ram,
Ugee 2150


For any advice I've been able to add, eg re graphics tablets, please search forum.

Image

User avatar
Pjotr
Level 20
Level 20
Posts: 10157
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)

Post by Pjotr » Sun Jan 21, 2018 11:24 am

ArtGirl wrote:Thanks for the link. Unfortunately, I'm getting nothing show up when running the test, but am running the patched 4.4 and 4.13. Not sure what's happening there.
What does this command give:

Code: Select all

uname -rv
Tip: 10 things to do after installing Linux Mint 18.3 Sylvia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

Post Reply

Return to “Open chat”