On 23 February 2018 at 16:14, Michael Fothergill <michael.fotherg...@gmail.com> wrote:
>
> On 23 February 2018 at 14:14, Michael Fothergill <michael.fotherg...@gmail.com> wrote:
>>
>> On 23 February 2018 at 14:05, mlnl <m...@mailbox.org> wrote:
>>>
>>> Hi,
>>>
>>> > Can it be true? A version of gcc that runs on stretch that will
>>> > compile the latest fancy spectre fixes etc?
>>>
>>> with latest vanilla kernel 4.15.4 and updated gcc-6:
>>>
>>> CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
>>> * Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
>>> * Kernel has array_index_mask_nospec: YES (1 occurence(s) found of 64 bits array_index_mask_nospec())
>>> > STATUS: NOT VULNERABLE (Mitigation: __user pointer sanitization)
>>>
>>> CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
>>> * Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
>>> * Mitigation 1
>>>   * Kernel is compiled with IBRS/IBPB support: NO
>>>   * Currently enabled features
>>>     * IBRS enabled for Kernel space: NO
>>>     * IBRS enabled for User space: NO
>>>     * IBPB enabled: NO
>>> * Mitigation 2
>>>   * Kernel compiled with retpoline option: YES
>>>   * Kernel compiled with a retpoline-aware compiler: YES (kernel reports full retpoline compilation)
>>>   * Retpoline enabled: NO
>>
>
> Wot? How can retpoline not be enabled but the status is not
> vulnerable......

Sure enough, looking at the spectre meltdown checker on the kernel I am using in gentoo shows the retpoline is enabled and that the vulnerability status is "not vulnerable". It's not recent enough a kernel to address the spectre variant 1 problem as far as I am aware. Oh well...

Cheers

MF

> djt /home/mikef/spectre-meltdown-checker # ./spectre-meltdown-checker.sh
> Spectre and Meltdown mitigation detection tool v0.32
>
> Checking for vulnerabilities on current system
> Kernel is Linux 4.14.15-gentoo #1 SMP Tue Jan 30 16:22:47 GMT 2018 x86_64
> CPU is AMD A10-7850K Radeon R7, 12 Compute Cores 4C+8G
>
> CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
> * Mitigated according to the /sys interface: NO (kernel confirms your system is vulnerable)
> > STATUS: VULNERABLE (Vulnerable)
>
> CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
> * Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
> * Mitigation 1
>   * Hardware support (CPU microcode)
>     * Indirect Branch Restricted Speculation (IBRS)
>       * SPEC_CTRL MSR is available: NO
>       * CPU indicates IBRS capability: NO
>     * Indirect Branch Prediction Barrier (IBPB)
>       * PRED_CMD MSR is available: NO
>       * CPU indicates IBPB capability: NO
>   * Kernel is compiled with IBRS/IBPB support: NO
>   * Currently enabled features
>     * IBRS enabled for Kernel space: NO
>     * IBRS enabled for User space: NO
>     * IBPB enabled: NO
> * Mitigation 2
>   * Kernel compiled with retpoline option: YES
>   * Kernel compiled with a retpoline-aware compiler: YES (kernel reports full retpoline compilation)
>   * Retpoline enabled: YES
> > STATUS: NOT VULNERABLE (Mitigation: Full AMD retpoline)
>
> CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
> * Mitigated according to the /sys interface: YES (kernel confirms that your CPU is unaffected)
> * Kernel supports Page Table Isolation (PTI): YES
> * PTI enabled and active: NO
> * Running under Xen PV (64 bits): NO
> > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable)
>
> A false sense of security is worse than no security at all, see --disclaimer
> djt /home/mikef/spectre-meltdown-checker #
>
>>> > STATUS: NOT VULNERABLE (Mitigation: Full generic retpoline)
>>>
>>> CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
>>> * Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
>>> * Kernel supports Page Table Isolation (PTI): YES
>>> * PTI enabled and active: YES
>>> * Running as a Xen PV DomU: NO
>>> > STATUS: NOT VULNERABLE (Mitigation: PTI)
>>
>> Absolutely whale harpooned it....
>>
>> Great stuff.
>>
>> Cheers
>>
>> MF
>>
>>> grep bugs /proc/cpuinfo
>>> bugs            : cpu_meltdown spectre_v1 spectre_v2
>>> model name      : Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
>>> stepping        : 3
>>> microcode       : 0x22
>>>
>>> --
>>> mlnl
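The "Mitigated according to the /sys interface" lines in the checker output above come from the files the kernel itself exports under /sys/devices/system/cpu/vulnerabilities/ (one file per issue, holding a string such as "Vulnerable", "Not affected" or "Mitigation: Full AMD retpoline"), and the STATUS line for each CVE is derived from that string. The script below is an added example, not part of spectre-meltdown-checker or of anything posted in this thread: it reads those files (or a directory you point it at), classifies each string the same way the checker's STATUS line does, and prints the CPU "bugs" flags from /proc/cpuinfo. The function names, the VULN_DIR override, and the sample strings written to a temporary directory (taken from the two outputs quoted above) are all my own construction.

```sh
#!/bin/sh
# Summarise the kernel's own view of Spectre/Meltdown mitigations from sysfs.
# Added example; not spectre-meltdown-checker's code. Function names and the
# VULN_DIR override are assumptions of this example.

# Directory the kernel populates on 4.15+ (and distro kernels with the
# backports); override it to inspect a copied or constructed tree.
VULN_DIR="${VULN_DIR:-/sys/devices/system/cpu/vulnerabilities}"

# classify_status STRING
# Maps a sysfs vulnerability string to one word, matching the checker's
# STATUS semantics: "Not affected" -> NOT_AFFECTED, "Mitigation: ..." ->
# MITIGATED, "Vulnerable..." -> VULNERABLE, anything else -> UNKNOWN.
classify_status() {
    case "$1" in
        "Not affected"*) echo NOT_AFFECTED ;;
        "Mitigation: "*) echo MITIGATED ;;
        "Vulnerable"*)   echo VULNERABLE ;;
        *)               echo UNKNOWN ;;
    esac
}

# mitigation_name STRING
# Prints the mitigation the kernel reports (the text after "Mitigation: "),
# e.g. "Full AMD retpoline" or "PTI"; prints nothing when none is active.
mitigation_name() {
    case "$1" in
        "Mitigation: "*) echo "${1#Mitigation: }" ;;
        *)               echo "" ;;
    esac
}

# report_sysfs [DIR]
# One line per vulnerability file: name, classification, raw kernel string.
# Returns 1 when the directory is absent, which is what an older kernel
# without the sysfs interface looks like (the checker then falls back to
# its own heuristics instead of the kernel's verdict).
report_sysfs() {
    dir="${1:-$VULN_DIR}"
    if [ ! -d "$dir" ]; then
        echo "no $dir: this kernel does not export vulnerability status" >&2
        return 1
    fi
    for f in "$dir"/*; do
        [ -r "$f" ] || continue
        status=$(cat "$f")
        printf '%-12s %-13s %s\n' "$(basename "$f")" \
            "$(classify_status "$status")" "$status"
    done
}

# cpu_bugs
# The "bugs" flags the kernel detected for this CPU, e.g.
# "cpu_meltdown spectre_v1 spectre_v2"; empty if the kernel predates them.
cpu_bugs() {
    sed -n 's/^bugs[[:space:]]*:[[:space:]]*//p' /proc/cpuinfo 2>/dev/null | head -n 1
}

# Constructed demo input: the sysfs strings behind the STATUS lines quoted in
# the thread, written to a temporary tree so this runs on any machine.
demo_dir=$(mktemp -d)
printf 'Vulnerable\n'                      > "$demo_dir/spectre_v1"
printf 'Mitigation: Full AMD retpoline\n'  > "$demo_dir/spectre_v2"
printf 'Not affected\n'                    > "$demo_dir/meltdown"
echo "# constructed sample (strings from the quoted checker output):"
report_sysfs "$demo_dir"
rm -rf "$demo_dir"

# To look at the running kernel instead:  report_sysfs ; cpu_bugs
```

With no argument, report_sysfs reads the live sysfs tree, so "Vulnerable" for spectre_v1 on a 4.14 kernel and "Mitigation: Full AMD retpoline" for spectre_v2 reproduces exactly the two STATUS lines in the Gentoo output above. The classification deliberately treats any "Vulnerable..." string as VULNERABLE even when the kernel appends a partial mitigation after the colon; a partial mitigation is still a vulnerable verdict from the kernel's point of view.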