On 10/7/23 12:13, Valmor F. de Almeida wrote:
On 10/7/23 08:09, Peter Böhm wrote:
Am Samstag, 7. Oktober 2023, 08:28:01 CEST schrieb Valmor de Almeida:
[snip]
For me the following questions would arise:
a) How did you install the kernel 6.1.41 ? (genkernel; dist-kernel;
manual
approach)
Sorry I described the install for the 6.1.53-gentoo-r1 kernel. The
install for 6.1.41 was similar but I used the config file from the
earlier kernel which is 6.1.38 to start make oldconfig.
--
Valmor
manual:
1) portage sync
2) make oldconfig in the new kernel directory for linux-6.1.53-gentoo-r1
• Mitigations for speculative execution vulnerabilities
*
Mitigations for speculative execution vulnerabilities
(SPECULATION_MITIGATIONS) [Y/n/?] y
Remove the kernel mapping in user mode (PAGE_TABLE_ISOLATION) [Y/n/?] y
Avoid speculative indirect branches in kernel (RETPOLINE) [Y/n/?] y
Enable return-thunks (RETHUNK) [Y/n/?] y
Enable UNRET on kernel entry (CPU_UNRET_ENTRY) [Y/n/?] y
Enable IBPB on kernel entry (CPU_IBPB_ENTRY) [Y/n/?] y
Enable IBRS on kernel entry (CPU_IBRS_ENTRY) [Y/n/?] y
Up to here default is picked automatically; I don't have a choice.
Next, I have tried with and without accepting the NEW features.
Mitigate speculative RAS overflow on AMD (CPU_SRSO) [Y/n/?] (NEW)
Mitigate Straight-Line-Speculation (SLS) [N/y/?] n
Force GDS Mitigation (GDS_FORCE_MITIGATION) [N/y/?] (NEW)
3) make menuconfig
4) make && make modules_install
5) make install
6) grub-mkconfig -o /boot/grub/grub.cfg
7) reboot
b) Did you make any kernel configuration changes in your 6.1.41 ?
no; I use what is in /boot
-> ls /boot/
config-6.1.41-gentoo grub/ System.map-6.1.41-gentoo
vmlinuz-6.1.41-gentoo
config-6.1.53-gentoo-r1 lost+found/ System.map-6.1.53-gentoo-r1
vmlinuz-6.1.53-gentoo-r1
c) Do you use a bootmanager ? (which ?; grub, refind ?)
I use grub-2
* sys-boot/grub
Latest version available: 2.06-r9
Latest version installed: 2.06-r9
d) How did you update to 6.1.53 ? (every step)
-> revdep-rebuild --ignore
-> emerge --depclean
-> eclean distfiles
-> eclean packages
-> emerge @preserved-rebuild
-> emerge --sync
-> etc-update
-> env-update
(run a script to source profile)
-> emerge -vp --update --newuse --deep --tree --with-bdeps=y @world
check conflicts etc., fetch files, then run without -vp
To better understand your system, I would look at the output of
"parted -l" (complete),
"dmesg" (complete),
"lspci -k" and
"emerge --info"
(after you have booted 6.1.41).
To clarify all this here via the mailing list might be difficult;
therefore I
would suggest to create a thread in our Gentoo support forum:
I will give it shot.
https://forums.gentoo.org/
(I am there also; but we have also a lot of great experts there)
If you create a thread in our forum, then please use wgetpaste for big
files:
https://wiki.gentoo.org/wiki/Wgetpaste
Greetings,
Peter
Thanks,
--
Valmor
