On Friday, 27 April 2018 06:42:56 BST Nikos Chantziaras wrote: > On 26/04/18 14:42, Mick wrote: > > Hmm ... why is my Intel system missing 'IBPB' & 'IBRS_FW' ? > > > > $ grep . /sys/devices/system/cpu/vulnerabilities/* > > /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI > > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user > > pointer sanitization > > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full > > generic > > retpoline > > > > Are there some kernel options I should have selected manually? > > Do you have the latest sys-firmware/intel-microcode installed and > configured correctly? You need to enable the "early microcode" kernel > option, and you also need to add /boot/intel-uc.img to your list of > initrds to load in grub2. Alternatively, a BIOS update for your > mainboard (if one exists; most older mainboards won't get updates from > the likes of Asus, MSI, Gigabyte, etc, etc, etc, so for older boards, > you need the microcode package.)
Ahh! If the 'IBPB' & 'IBRS_FW' components come from the microcode this probably explains why I don't have them. I am (still) running an early i7 Intel, which means it won't get any more microcode updates. The latest available is 'intel-ucode/06-1e-05' and as we know Intel has abandoned all older owners of their hardware. One good reason for me to abandon them in turn. :-) -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
