Gentoo Archives: gentoo-user

From: zless <zless@×××××.site>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] spec_store_bypass mitigation
Date: Wed, 13 Jun 2018 06:23:10
Message-Id: 2294657.nmpQMvqEhx@callisto
In Reply to: Re: [gentoo-user] spec_store_bypass mitigation by Mick
1 Hi Mick
2
3 În ziua de sâmbătă, 9 iunie 2018, la 22:08:23 EEST, Mick a scris:
4 > On Thursday, 7 June 2018 08:37:41 BST zless wrote:
5 > > Hello,
6 > >
7 > > I just finished installing kernel 4.14.48 on two
8 > > Intel laptops and I have different results for
9 > >
10 > > /sys/devices/system/cpu/vulnerabilities/spec_store_bypass
11 > >
12 > > On one of them it looks nice:
13 > > "Mitigation: Speculative Store Bypass disabled via prctl and seccomp"
14 > > but on the other it still says "Vulnerable".
15 > >
16 > > Any idea on what might influence this? The kernel configs are fairly
17 > > similar, the only thing that's different is the microcode, which is from
18 > > 2017 for the "vulnerable" one.
19 > >
20 > > Thanks
21 >
22 > I would think it is cause by the microcode.
23 >
24 > After you updated sys-firmware/intel-microcode did you rebuild and reboot the
25 > *rebuilt* kernel on both PCs?
26
27 I just booted in a even newer 4.14.49 kernel but no change so far.
28
29 dmesg: Speculative Store Bypass: Vulnerable
30
31 I can only conclude that yes, it is closely related to the firmware version.
32
33 Thanks