fixing Linux Mint 18.3 for Meltdown and Spectre

Chat about anything related to Linux Mint
User avatar
Pjotr
Level 20
Level 20
Posts: 10639
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Pjotr » Tue Jan 09, 2018 9:54 am

How did you first try to remove the 4.8 kernel? By some other means than by the kernel tool in Update Manager (which is the official way)?

Anyway, there are two options for you now:

1. Launch Synaptic, hunt for installed traces of the 4.8 kernel, and remove them all. If that doesn't work for you:

2. Make the jump forward to the latest kernel of the 4.13 series (needless to say: by means of the kernel tool in Update Manager). That's the quick-and-dirty solution.
Tip: 10 things to do after installing Linux Mint 19 Tara
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

norm.h
Level 4
Level 4
Posts: 468
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Tue Jan 09, 2018 9:59 am

Silly me, I edited my previous post so didn't notice your. Sorry.......... :oops:

Anyway, yes I used the tool in Update Manager [twice].
Will now do as you suggest and resort to Synaptic [see my previous edits]

Watch this space :!:

Tried to uninstall the two lines and got the same error, and the lines are still there [in RED]

Code: Select all

E: linux-image-extra-4.8.0-53-generic: subprocess installed post-removal script returned error exit status 1
E: linux-image-4.8.0-53-generic: subprocess installed post-removal script returned error exit status 1

norm.h
Level 4
Level 4
Posts: 468
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Tue Jan 09, 2018 10:25 am

This is just weird.........
Intending to go back to Square One with the intention of starting over, I reloaded 4.8.0.53 from Synaptic and enabled it in GRUB
Then went to Update Manager to remove 4.4 and ended up with the same 2 errors as detailed above.
Went to Synaptic to check what is and what isn't installed and the two RED lines are still there but this time for 4.4
Synaptic refuses to uninstall them

Code: Select all

E: linux-image-extra-4.4.0-104-generic: subprocess installed post-removal script returned error exit status 1
E: linux-image-4.4.0-104-generic: subprocess installed post-removal script returned error exit status 1
They are prohibiting [with the same error message] an update to Skype advised in Update Manager, and preventing the installation of 4.13 [as suggested above].

I get error relating to "trying to recover from package failure" - went to Synaptic to fix broken packages [twice] but that didn't help.
Who would have thought that changing a kernel would cause so much trouble?

User avatar
ClixTrix
Level 5
Level 5
Posts: 743
Joined: Wed Dec 09, 2015 11:40 am
Location: Columbus, Ohio, USA

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by ClixTrix » Tue Jan 09, 2018 12:33 pm

Did you run the run the following command after you edited Grub file (from link you posted where Grub was edited)?

Code: Select all

sudo update-grub
When you manually make Grub changes, it's always necessary to do that command. If you don't recall, run it again, and use mine for the copy and paste to Terminal.

I'm thinking the post-processor error is Grub related and could be an error stemming from that change.
Linux Mint 18.3 x64 Cinnamon Kernel 4.15.0-32-generic
Gigabyte GA-AB350M-D3H (F20) / Ryzen 5 1600 / Micron Ballistix Sport DDR4 2400 2x8GB / XFX HD5450-1GB
NVMe-SSD Samsung 960 EVO 250GB / SATA-HDD WD1600BEKT 160GB / SATA-SSD Toshiba OCZ VX500 512GB

norm.h
Level 4
Level 4
Posts: 468
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Tue Jan 09, 2018 12:36 pm

Yes, I definitely ran that command.

My concern now is that until I can get rid of those two "rogue" bits of 4.4 I won't be able to update anything, as trying to update Skype showed earlier.

I've googled for "subprocess installed post-removal script returned error exit status 1" and found lots of posts, that are very [for me] complicated, and years old anyway so I'm extremely reluctant try any of them.

Been at this all day and wish I'd never started it. I'm at a a complete loss as to know what to do next.

Help.PLEASE. :(

norm.h
Level 4
Level 4
Posts: 468
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Tue Jan 09, 2018 1:07 pm

Can anyone confirm if this might work please - before I get into any more of a mess..........

https://ubuntuforums.org/showthread.php ... 575&page=2

User avatar
ClixTrix
Level 5
Level 5
Posts: 743
Joined: Wed Dec 09, 2015 11:40 am
Location: Columbus, Ohio, USA

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by ClixTrix » Tue Jan 09, 2018 1:21 pm

norm.h wrote:Can anyone confirm if this might work please - before I get into any more of a mess..........

https://ubuntuforums.org/showthread.php ... 575&page=2
Well, it does suggest my suspicion on Grub as the problem is valid and perhaps that change as the origin. Going with off-script does lead to tangles.

Honestly, I would start a separate discussion in the Grub section of the forum to continue (get you untangled),as this problem is getting waaaay off topic here. And, no, that's not meant to be unsympathetic to the problem. Just don't want to irritate the admins. That post is relevant, but depends on your configuration, e.g. I have grub for efi and amd on my sig system, not common. Checking grub install via Software Manager or Synaptic is a head start for a post on the problem.
Last edited by ClixTrix on Tue Jan 09, 2018 1:27 pm, edited 1 time in total.
Linux Mint 18.3 x64 Cinnamon Kernel 4.15.0-32-generic
Gigabyte GA-AB350M-D3H (F20) / Ryzen 5 1600 / Micron Ballistix Sport DDR4 2400 2x8GB / XFX HD5450-1GB
NVMe-SSD Samsung 960 EVO 250GB / SATA-HDD WD1600BEKT 160GB / SATA-SSD Toshiba OCZ VX500 512GB

norm.h
Level 4
Level 4
Posts: 468
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Tue Jan 09, 2018 1:26 pm

Yes, thanks for that - I've gone way off topic, all because I took advice in this thread to change my kernel to avert Meltdown / Spectre.

My profuse apologies. :oops:

User avatar
ClixTrix
Level 5
Level 5
Posts: 743
Joined: Wed Dec 09, 2015 11:40 am
Location: Columbus, Ohio, USA

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by ClixTrix » Tue Jan 09, 2018 1:33 pm

norm.h wrote:Yes, thanks for that - I've gone way off topic, all because I took advice in this thread to change my kernel to avert Meltdown / Spectre.

My profuse apologies. :oops:
I don't think an apology is necessary. I think posting the problem where you can get the best help on the problem is best, i.e. to where someone that is deep into Grub help can give it the best advise. Obviously, the chat boards aren't. It's the post where you unhide the grub boot that got me thinking, that and not using the Update Manager to install and uninstall kernels. Something got twisted.
Linux Mint 18.3 x64 Cinnamon Kernel 4.15.0-32-generic
Gigabyte GA-AB350M-D3H (F20) / Ryzen 5 1600 / Micron Ballistix Sport DDR4 2400 2x8GB / XFX HD5450-1GB
NVMe-SSD Samsung 960 EVO 250GB / SATA-HDD WD1600BEKT 160GB / SATA-SSD Toshiba OCZ VX500 512GB

User avatar
tovian
Level 5
Level 5
Posts: 529
Joined: Sun Nov 22, 2015 1:17 pm
Location: Heart of Dixie

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by tovian » Tue Jan 09, 2018 1:51 pm

Suggestion:

Go HERE

Download and Install GRUB-CUSTOMIZER

Use this (GUI) utility to modify GRUB to suit your needs.
“I think that this situation absolutely requires a really futile and stupid gesture be done on somebody's part!"
"We're just the guys to do it.”

Animal House

User avatar
Pjotr
Level 20
Level 20
Posts: 10639
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Pjotr » Tue Jan 09, 2018 2:01 pm

@norm.h: please do *not* use Grub Customizer. It's superfluous and it'll irreversibly add a thick layer of complexity to your bootloader.

Try this instead:
https://ubuntuforums.org/showthread.php ... st11044403
Last edited by Pjotr on Tue Jan 09, 2018 2:04 pm, edited 3 times in total.
Tip: 10 things to do after installing Linux Mint 19 Tara
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
ClixTrix
Level 5
Level 5
Posts: 743
Joined: Wed Dec 09, 2015 11:40 am
Location: Columbus, Ohio, USA

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by ClixTrix » Tue Jan 09, 2018 2:02 pm

Well, there was a reason I came here this morning. Looks like the MS fix was a problem for AMD K8.

https://www.theverge.com/2018/1/9/16867 ... pcs-issues
Linux Mint 18.3 x64 Cinnamon Kernel 4.15.0-32-generic
Gigabyte GA-AB350M-D3H (F20) / Ryzen 5 1600 / Micron Ballistix Sport DDR4 2400 2x8GB / XFX HD5450-1GB
NVMe-SSD Samsung 960 EVO 250GB / SATA-HDD WD1600BEKT 160GB / SATA-SSD Toshiba OCZ VX500 512GB

norm.h
Level 4
Level 4
Posts: 468
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Tue Jan 09, 2018 2:50 pm


wpshooter
Level 5
Level 5
Posts: 519
Joined: Sun May 22, 2011 8:06 am

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by wpshooter » Tue Jan 09, 2018 9:51 pm

I noticed that there was a kernel update today (01-09-2017) - version 4.4.0-108.

Is that update to the kernel supposed to fix the Meltdown and Spectre processor security problems ?

Thanks.

User avatar
Marziano
Level 7
Level 7
Posts: 1830
Joined: Thu Jan 04, 2018 1:00 pm

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Marziano » Tue Jan 09, 2018 10:30 pm

Yes it is! Have a look at karlchen's post here:
viewtopic.php?f=58&t=261280
I suppose that's one of the ironies of life, doing the wrong thing at the right moment -C.C.

wpshooter
Level 5
Level 5
Posts: 519
Joined: Sun May 22, 2011 8:06 am

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by wpshooter » Tue Jan 09, 2018 10:40 pm

Marziano wrote:Yes it is! Have a look here:
viewtopic.php?f=58&t=261280
Thanks for your reply.

Here is why I ask.

A couple of days ago I ran the Intel Detection Tool and it said that my processor
was VULNERABLE to the Meltdown and Spectre problems.

But after I installed today's kernel update, the Intel Detection Tool STILL says that
my processor is VULNERABLE to the problems. Should the installation of the new
kernel prevent the Intel tool from giving a positive result or is the tool just saying
that the processor is subject to the problems and is "basically" unaware as to whether the
problem has been mitigated or not ?

Thanks.

User avatar
Marziano
Level 7
Level 7
Posts: 1830
Joined: Thu Jan 04, 2018 1:00 pm

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Marziano » Tue Jan 09, 2018 10:59 pm

Based on what I have read about Windows fix, the kernel patches are only one part of the solution. Apparently there is a need for uefi/bios update as well. If you want you can read this article in How-to Geek:
https://www.howtogeek.com/338801/how-to ... d-spectre/

It's about Windows, but it might shed some light on the subject:
Warning: Even if you’ve installed patches from Windows Update, your PC may not completely protected from the Meltdown and Spectre CPU flaws. Here’s how to check if you’re fully protected, and what to do if you aren’t.

To fully protect against Meltdown and Spectre, you’ll need to install a UEFI or BIOS update from your PC’s manufacturer as well as the various software patches. These UEFI updates contain new Intel processor microcode that adds additional protection against these attacks. Unfortunately, they aren’t distributed via Windows Update—unless you’re using a Microsoft Surface device—so they must be downloaded from your manufacturer’s website and installed manually.

(source: the link above)

This might apply to Linux kernels' patches as well and that is maybe why the tool still flags your cpu as being vulnerable.

For making sure that KPTI feature is enabled for the kernel, you can run this:

Code: Select all

dmesg | grep 'page tables isolation'
and you should get this:

Code: Select all

 Kernel/User page tables isolation: enabled
I suppose that's one of the ironies of life, doing the wrong thing at the right moment -C.C.

User avatar
Marziano
Level 7
Level 7
Posts: 1830
Joined: Thu Jan 04, 2018 1:00 pm

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Marziano » Wed Jan 10, 2018 1:06 am

@Pjotr

You wrote higher up:
@norm.h: please do *not* use Grub Customizer. It's superfluous and it'll irreversibly add a thick layer of complexity to your bootloader.
Would you please elaborate on that? I thought Grub Customizer was a tool intended for editing the grub.cfg file without you "getting your hands dirty". It just probes the system for all the boot options available and you just decide in what order they appear on the grub menu and it takes care of that. I am not sure if I understand how it adds " a thick layer of complexity to your bootloader".
regards
I suppose that's one of the ironies of life, doing the wrong thing at the right moment -C.C.

User avatar
smurphos
Level 6
Level 6
Posts: 1149
Joined: Fri Sep 05, 2014 12:18 am
Location: Britisher...

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by smurphos » Wed Jan 10, 2018 1:38 am

wpshooter wrote: But after I installed today's kernel update, the Intel Detection Tool STILL says that
my processor is VULNERABLE to the problems. Should the installation of the new
kernel prevent the Intel tool from giving a positive result or is the tool just saying
that the processor is subject to the problems and is "basically" unaware as to whether the
problem has been mitigated or not ?

Thanks.
The current round of kernel updates from Ubuntu only address Meltdown, not Spectre.

Spectre fixes to follow at a later date.

https://wiki.ubuntu.com/SecurityTeam/Kn ... ndMeltdown

scjet45
Level 3
Level 3
Posts: 109
Joined: Sat May 07, 2016 12:50 am

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by scjet45 » Wed Jan 10, 2018 5:20 am

"...The Rolling HWE kernel for Ubuntu 16.04 will go to 4.13 early, instead of also fixing 4.10 HWE kernel. " ???

I'm on LM 18.3 (Mate):

Code: Select all

uname -a
Linux 4.10.0-42-generic #46~16.04.1-Ubuntu SMP[/b] Mon Dec 4 15:57:59 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
Ok, so do I stay with latest 4.10.0-42, or go to latest 4.13.* ?

Thx ahead.

Post Reply

Return to “Chat about Linux Mint”