Hi Arjen, The point I was making is that we see:
root@LEDE:/sys/devices/system/cpu/vulnerabilities# cat meltdown Vulnerable This should not be marked as vulnerable and it is being. Cheers, Nick On Sun, Jan 21, 2018 at 12:04 PM, Arjen de Korte <arjen+l...@de-korte.org> wrote: > Citeren Nick Lowe <nick.l...@gmail.com>: > > >> Yes, compiler updates will ultimately be necessary to properly close this. >> >> We can see for now with 4.9.77: >> >> root@LEDE:/sys/devices/system/cpu/vulnerabilities# cat spectre_v2 >> Vulnerable: Minimal AMD ASM retpoline >> >> AMD processors are also incorrectly being marked as being vulnerable >> to Meltdown. On my APU2C4 I see: >> >> root@LEDE:/sys/devices/system/cpu/vulnerabilities# cat meltdown >> Vulnerable >> >> From /proc/cpuinfo >> >> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov >> pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt >> pdpe1gb rdtscp lm constant_tsc rep_good acc_power nopl nonstop_tsc >> extd_apicid aperfmperf eagerfpu pni pclmulqdq monitor ssse3 cx16 >> sse4_1 sse4_2 movbe popcnt aes xsave avx f16c lahf_lm cmp_legacy svm >> extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit >> wdt topoext perfctr_nb bpext ptsc perfctr_l2 cpb hw_pstate retpoline >> retpoline_amd vmmcall bmi1 xsaveopt arat npt lbrv svm_lock nrip_save >> tsc_scale flushbyasid decodeassists pausefilter pfthreshold >> overflow_recov >> >> bugs : fxsave_leak sysret_ss_attrs null_seg cpu_meltdown spectre_v1 >> spectre_v2 >> >> This following patch seen in 4.14.14 is missing from 4.9.77: >> >> x86/cpu, x86/pti: Do not enable PTI on AMD processor >> >> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.14.14&id=151d7039757b71ebd9d170af0944562f51149372 >> >> We can see that in this commit which renamed X86_BUG_CPU_INSECURE to >> X86_BUG_CPU_MELTDOWN >> >> >> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.9.77&id=43fe95308d276bdfd133f5951cc25565e39982ec >> >> Can we backport this? > > > No, it's not missing, it's just in a different location: > > https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/arch/x86/mm/kaiser.c?h=v4.9.75&id=8018307a45a90ab2eecfd03d48b7efb31707df37 > > I already wrote this in a reply on Jan 8th... > >> Cheers, >> >> Nick >> >> On Thu, Jan 18, 2018 at 9:15 PM, Hauke Mehrtens <ha...@hauke-m.de> wrote: >>> >>> On 01/18/2018 01:51 PM, Nick Lowe wrote: >>>> >>>> Does an update to the Kernel, 4.9.77 and 4.14.14 need to be made to >>>> properly address this? There are fixes to mitigate Spectre. >>> >>> >>> We even need a patch for GCC which will be in GCC 8 and 7.3. >>> For master we should backport it to GCC 5.5, but what do we want to do >>> with 17.01 and 15.05 ? >>> >>> The AMD microcoded updater needs at least kernel 4.15, 4.14.13, 4.9.76, >>> 4.4.111 which we already have. >>> >>> Hauke >> >> >> _______________________________________________ >> Lede-dev mailing list >> Lede-dev@lists.infradead.org >> http://lists.infradead.org/mailman/listinfo/lede-dev > > > > > > _______________________________________________ > Lede-dev mailing list > Lede-dev@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/lede-dev _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
