Gentoo Archives: gentoo-user

From: zless <zless@×××××.site>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] spec_store_bypass mitigation
Date: Wed, 13 Jun 2018 06:23:10
Message-Id: 2294657.nmpQMvqEhx@callisto
In Reply to: Re: [gentoo-user] spec_store_bypass mitigation by Mick
Hi Mick

În ziua de sâmbătă, 9 iunie 2018, la 22:08:23 EEST, Mick a scris:
> On Thursday, 7 June 2018 08:37:41 BST zless wrote: > > Hello, > > > > I just finished installing kernel 4.14.48 on two > > Intel laptops and I have different results for > > > > /sys/devices/system/cpu/vulnerabilities/spec_store_bypass > > > > On one of them it looks nice: > > "Mitigation: Speculative Store Bypass disabled via prctl and seccomp" > > but on the other it still says "Vulnerable". > > > > Any idea on what might influence this? The kernel configs are fairly > > similar, the only thing that's different is the microcode, which is from > > 2017 for the "vulnerable" one. > > > > Thanks > > I would think it is cause by the microcode. > > After you updated sys-firmware/intel-microcode did you rebuild and reboot the > *rebuilt* kernel on both PCs?
I just booted in a even newer 4.14.49 kernel but no change so far. dmesg: Speculative Store Bypass: Vulnerable I can only conclude that yes, it is closely related to the firmware version. Thanks