Alessandro Selli <alessandrose...@linux.com> wrote: > I read that, as this is a CPU hardware bug, it affects all OSes: > > https://www.bleepingcomputer.com/news/security/new-lazy-fp-state-restore-vulnerability-affects-all-intel-core-cpus/ > > According to Intel this new vulnerability affects all Intel Intel > Core-based microprocessors and is a bug in the actual CPU, so it does > not matter what operating system the user is running. It could be > Windows, Linux, BSD, or any other operating running an an Intel > Core-based CPU and using "Lazy FPU context switching".
Yes, it affects any OS - but only (AIUI) if the do this “lazy FPU context switch”. From the report I read (on TheRegister https://www.theregister.co.uk/2018/06/13/intel_lazy_fpu_state_security_flaw/ ) recent Linux kernels don’t use that and so aren’t vulnerable. > Modern versions of Linux – from kernel version 4.9, released in 2016, and > later ... are not affected by this flaw ... The Linux kernel team is > back-porting mitigations to pre-4.9 kernels It then goes on to say that > The fix is to employ a mechanism called eager FPU state restore, which modern > Linux, Windows and other kernels use. These mitigations do not carry a > performance hit – in fact, eager state switching can increase performance. So it sounds like this one isn’t the big issue it initially looks like. _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
