Public bug reported:
TL;DR: Gather Data Sampling (GDS) vulnerability is not being mitigated
in Ubuntu kernel because the config option CONFIG_MITIGATION_GDS is not
enabled. This option is necessary so the microcode mitigation be
enabled.
I have an Intel CPU, and GDS should be mitigated by microcode, but since
this config option is not enabled, I don't know if it's because
performance or other reason, the mitigation in the microcode doesn't
work.
I'm comparing with my other kernel, the Liquorix, which has this config option
enabled. With it I got:
cat /sys/devices/system/cpu/vulnerabilities/gather_data_sampling
Mitigation: Microcode
Also, with the same kernel I got:
sudo rdmsr 291 -a
[sudo: authenticate] Password:
CPU 0: 0
CPU 1: 0
CPU 2: 0
CPU 3: 0
CPU 4: 0
CPU 5: 0
CPU 6: 0
CPU 7: 0
CPU 8: 0
CPU 9: 0
CPU 10: 0
CPU 11: 0
CPU 12: 0
CPU 13: 0
CPU 14: 0
CPU 15: 0
0 is the correct value accordingly the Intel documentation. Without this
option, the result for the command is 10, which means the mitigation is
not being applied.
How can we change that so the mitigation be put in place?
** Affects: linux (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2154728
Title:
GDS mitigation not enabled in Ubuntu kernel
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2154728/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
