Spectre and Meltdown: Next Generation

Chat about just about anything else
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 30 days after creation.
DAMIEN1307

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 »

so far...no problems with startup speed...no problems with system speed...still starting in cold start @ 37 seconds...going into second hour of testing...DAMIEN
DAMIEN1307

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 »

just went into total shutdowm...full cold boot still timing out at 37 seconds...so far so good with new microcode in the second hour of testing...DAMIEN
Cosmo.
Level 24
Level 24
Posts: 22968
Joined: Sat Dec 06, 2014 7:34 am

Re: Spectre and Meltdown: Next Generation

Post by Cosmo. »

absque fenestris wrote: Thu May 03, 2018 7:40 pm At least as far as the Swiss cheese with the holes is concerned - more precisely it is the Emmentaler:
In principle correct. But all what I did was to translate the passage of the article, I did not want to interpret or correct it. (And in German language the terms Swiss cheese and Emmentaler are often used as synonyms, although this is not correct.)

(In the English version as provided by heise the comparison with any cheese has been removed.)
User avatar
absque fenestris
Level 12
Level 12
Posts: 4124
Joined: Sat Nov 12, 2016 8:42 pm
Location: Confoederatio Helvetica

Re: Spectre and Meltdown: Next Generation

Post by absque fenestris »

:lol: Don't mention it. But it was too good an opportunity to do some promotion for home.
DAMIEN1307

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 »

hi folks...my testing results for new microcodes...1- for intel and 1- for amd ...they seem to work just fine...terminal report for amd processor on my main computer...AMD Beavercreek Processor...

dpkg -l | grep microcode
ii amd64-microcode 3.20171205.2 amd64 Processor microcode firmware for AMD CPUs

grep CONFIG_PAGE_TABLE_ISOLATION=y /boot/config-`uname -r` && echo "patched" || echo "unpatched"
CONFIG_PAGE_TABLE_ISOLATION=y
patched

grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline

terminal report for my intel i5 sandybridge auxillary system

dpkg -l | grep microcode
ii intel-microcode 3.20180425.1 amd64 Processor microcode firmware for Intel CPUs
ii iucode-tool 1.5.1-1ubuntu0.1 amd64 Intel processor microcode tool

second...damien1@damien1 ~ $ grep CONFIG_PAGE_TABLE_ISOLATION=y /boot/config-`uname -r` && echo "patched" || echo "unpatched"
CONFIG_PAGE_TABLE_ISOLATION=y
patched

third...damien1@damien1 ~ $ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline, IBPB, IBRS_FW

nothing has borked as of yet...DAMIEN

here are the links to oregon state university repositories if anyone is interested...the first will be for AMD...the 2nd will be for intel...there are no new microcodes for 32 bit as of yet...newest amd is dated may 4th...the newest intel is dated may 2nd...i used the .deb installers for both machines...DAMIEN

http://ftp.us.debian.org/debian/pool/no ... microcode/

http://ftp.us.debian.org/debian/pool/no ... microcode/
Last edited by DAMIEN1307 on Fri May 04, 2018 3:48 pm, edited 1 time in total.
User avatar
AZgl1800
Level 20
Level 20
Posts: 11117
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes Sweeping down the Plains
Contact:

Re: Spectre and Meltdown: Next Generation

Post by AZgl1800 »

I wonder at how much exposure the average user will ever see to one of these hack attempts?

99% of my surfing time is on 4 forums.

0.001% reading news.google.com and following a few news articles.

Emails from unknown senders? usually get 'spammed' with a click, that is IF they make it thru Yahoo's, or Gmail's own spam filters.
LM21.3 Cinnamon ASUS FX705GM | Donate to Mint https://www.patreon.com/linux_mint
Image
DAMIEN1307

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 »

To my knowledge with this issue at this time, i believe that these Spectre annoyances are being aimed more so at servers and will affect things like Cloudflare, cloudfront, AWS and things of the like...the average user, whether he/she likes it or not, use these services everytime they use the internet/web...so i guess all computer users will be effected by this one way or the other...DAMIEN
Benedetto
Level 2
Level 2
Posts: 65
Joined: Wed Jul 26, 2017 11:50 am
Location: SW England

Re: Spectre and Meltdown: Next Generation

Post by Benedetto »

This is the view from the BBC Technology web page:
http://www.bbc.co.uk/news/technology-44003850
Best wishes,
Linux Mint 21:2 Cinnamon 5.8.4 - Desktop
Linux Mint 21:2 - VAIO Laptop
User avatar
Portreve
Level 13
Level 13
Posts: 4882
Joined: Mon Apr 18, 2011 12:03 am
Location: Within 20,004 km of YOU!
Contact:

Re: Spectre and Meltdown: Next Generation

Post by Portreve »

Cosmo. wrote: Thu May 03, 2018 6:19 amSecurity researchers have found 8 new security threats, currently named as Spectre Next Generation. Intel has currently classified 4 of them as high critical. One of them is able to break the borders of the system; this means, that an exploit, running in a virtual machine, can break its border and can affect the host and other virtual machines on this host. This risk will affect all servers, which are running in a cloud as VMs.
Oh... joy. More felgercarb to slog through.

Thanks you two. Your efforts are much appreciated.
Flying this flag in support of freedom 🇺🇦

Recommended keyboard layout: English (intl., with AltGR dead keys)

Podcasts: Linux Unplugged, Destination Linux

Also check out Thor Hartmannsson's Linux Tips YouTube Channel
User avatar
catweazel
Level 19
Level 19
Posts: 9763
Joined: Fri Oct 12, 2012 9:44 pm
Location: Australian Antarctic Territory

More Spectre woes on the way...

Post by catweazel »

https://www.itnews.com.au/news/eight-mo ... ors-490279

Chip giant Intel faces further security patch headaches after researchers discovered and reported eight new Spectre-style hardware vulnerabilities in the company's processors.

First reported by German IT site C'T, which said it has been given full technical details on the vulnerabilties by researchers and verified them, the flaws have been confirmed by Intel which has reserved Common Vulnerabilities and Exposures (CVE) numbers for them.

The new set of hardware flaws have been named Spectre New Generation, and Intel rates four of the eight vulnerabilities found as high severity, and the rest as medium.


Quoted from the URL above.
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
User avatar
karlchen
Level 23
Level 23
Posts: 18157
Joined: Sat Dec 31, 2011 7:21 am
Location: Germany

RE: Spectre and Meltdown: Next Generation

Post by karlchen »

<moderator on>
Had already been reported here at the beginning of May: Spectre and Meltdown: Next Generation.
Going to append your thread, catweazel, to that thread.
Done.
</moderator off>
Image
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 750 days now.
Lifeline
User avatar
smurphos
Level 18
Level 18
Posts: 8501
Joined: Fri Sep 05, 2014 12:18 am
Location: Irish Brit in Portugal
Contact:

Re: Spectre and Meltdown: Next Generation

Post by smurphos »

Spectre variant 4 - disclosed officially yesterday, kernel patches released today - will need as yet unavailable microcode update..... :roll:

https://www.intel.com/content/www/us/en ... 00115.html
https://wiki.ubuntu.com/SecurityTeam/Kn ... e/Variant4
For custom Nemo actions, useful scripts for the Cinnamon desktop, and Cinnamox themes visit my Github pages.
User avatar
kc1di
Level 18
Level 18
Posts: 8137
Joined: Mon Sep 08, 2008 8:44 pm
Location: Maine USA

Here we go again!

Post by kc1di »

Another CPU vulnerability https://www.zdnet.com/article/spectre-c ... CAD2e14604
Patches will be coming soon, keep your system up to date.
Easy tips : https://easylinuxtipsproject.blogspot.com/ Pjotr's Great Linux projects page.
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608
DAMIEN1307

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 »

variant 4 (spec-storage)...newest LTS kernel 4.4.0-127 as of today, and newest AMD microcode release 3.20180515.1 as of 5-19-2018...nothing new from intel as of yet...DAMIEN

damien@DAMIEN ~ $ dpkg -l | grep microcode
ii amd64-microcode 3.20180515.1 amd64 Processor microcode firmware for AMD CPUs
damien@DAMIEN ~ $

damien@DAMIEN ~ $ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Not affected
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: OSB (observable speculation barrier, Intel v6)
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline
damien@DAMIEN ~ $
User avatar
karlchen
Level 23
Level 23
Posts: 18157
Joined: Sat Dec 31, 2011 7:21 am
Location: Germany

Re: Spectre and Meltdown: Next Generation

Post by karlchen »

<moderator on> Threads "Here we go again!" and "Spectre and Meltdown: Next Generation" merged. </moderator off>
Image
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 750 days now.
Lifeline
User avatar
kc1di
Level 18
Level 18
Posts: 8137
Joined: Mon Sep 08, 2008 8:44 pm
Location: Maine USA

Re: Spectre and Meltdown: Next Generation

Post by kc1di »

karlchen wrote: Tue May 22, 2018 8:15 am <moderator on> Threads "Here we go again!" and "Spectre and Meltdown: Next Generation" merged. </moderator off>
Thanks :)
Easy tips : https://easylinuxtipsproject.blogspot.com/ Pjotr's Great Linux projects page.
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608
DAMIEN1307

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 »

It is now officially known as Spectre variant 3a and Spectre variant 4...following article discusses just which CPUs are vulnerable and once again telling us about staying up to date on microcode updates as well as any update patches to come...note also that atom processors are now also included...thus far only Intel processors seem to be affected but we all know by now that the experts will probably find out that the other manufacturers products may soon join the list...more fun to come...lol...DAMIEN

https://news.softpedia.com/news/securit ... 1225.shtml
User avatar
stephanieswitzer
Level 4
Level 4
Posts: 235
Joined: Mon Feb 26, 2018 12:49 pm
Location: Ontario

Re: Spectre and Meltdown: Next Generation

Post by stephanieswitzer »

So what is this processor microcode? I notice that I have a driver available in Driver Manager:

Intel-Microcode (open-source)
Version 3.20180425.1~ubuntu0.16.04.1

Should I install this as my system seems to chirping along just fine.
How can I check which version I have installed.
Mac-Mini running Linux Mint 20.3 Cinnamon, Intel© Core™ i5-2415M CPU @ 2.30GHz
MacBookPro9,2 running Linux Mint Cinnamon 20.3 Intel Core i5-3210M CPU @ 3.20GHz
System76 Galago Pro 4, running Linux Mint Cinnamon 20.3 Intel i5-1021 CPU @ 4.2 Ghz
User avatar
Spearmint2
Level 16
Level 16
Posts: 6900
Joined: Sat May 04, 2013 1:41 pm
Location: Maryland, USA

Re: Spectre and Meltdown: Next Generation

Post by Spearmint2 »

AMD page


Intel page and affected processors


patched kernel now available from Update Manager, but will only show in that as 3.13.0-149-generic. Now in process of installing.

Code: Select all

Unpacking linux-image-3.13.0-149-generic (3.13.0-149.199)
on Linux Mint 17.3, 32 bit

Code: Select all

grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Not affected
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: OSB (observable speculation barrier, Intel v6)
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline
No Problems!
Last edited by Spearmint2 on Tue May 22, 2018 5:23 pm, edited 3 times in total.
All things go better with Mint. Mint julep, mint jelly, mint gum, candy mints, pillow mints, peppermint, chocolate mints, spearmint,....
DAMIEN1307

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 »

Hi stephanie...that microcode in your driver manager is the latest one released thru the mint updater and recommended for your system...i always install the most up to date microcode recommended and have never had a failure...yes your system is "chirping" right along with the existing microcode, however this newest one has new "mitigation" code re-written within it to mitigate vulnerabilities found in your Intel CPU chipset...this should be installed as well as any updates that will be forthcoming from the linux mint update manager...DAMIEN

run this code to check your microcode version, dont panic if nothing shows up, it just means that you have what came installed and have probably never updated it...after installing and REBOOTING your computer, run the code again and it should show up.

dpkg -l | grep microcode


after you have done the above, run this code, the last word in the terminal after running this should say "patched"

grep CONFIG_PAGE_TABLE_ISOLATION=y /boot/config-`uname -r` && echo "patched" || echo "unpatched"


and lastly, run this code in your terminal and it will show that mitigations have been applied

grep . /sys/devices/system/cpu/vulnerabilities/*
Locked

Return to “Open Chat”