Le 17/02/2018 à 18:11, Wolfgang Pfeiffer a écrit : > On Sat, 17 Feb 2018 13:25:06 +0100 > François Patte <francois.pa...@mi.parisdescartes.fr> wrote: > >> Le 17/02/2018 à 12:59, Ed Greshko a écrit : >>> On 02/17/18 18:12, François Patte wrote: >>>> I just updated f27 and the new installed kernel >>>> (4.15.3-300.fc27.x86_64), sends these messages at boot time: >>>> >>>> kernel: Spectre V2 : Mitigation: Full generic retpoline >>>> kernel: Spectre V2 : System may be vulnerable to spectre v2 >>>> >>>> What do they mean and what to do? Waiting for next kernel update? >>> >>> >>> It may mean that your particular CPU is not fully protected by the recent >>> kernel patches. >>> >>> Cat the files in /sys/devices/system/cpu/vulnerabilities >>> >>> FWIW, my systems have .... >>> >>> [egreshko@acer vulnerabilities]$ cat meltdown >>> Mitigation: PTI >>> >>> [egreshko@acer vulnerabilities]$ cat spectre_v1 >>> Mitigation: __user pointer sanitization >> >> Same as you. >> >>> >>> [egreshko@acer vulnerabilities]$ cat spectre_v2 >>> Mitigation: Full generic retpoline >> >> this one gives: >> >> Mitigation: Full generic retpoline - vulnerable module loaded >> >> But does not give the module name!! > > You might want to try and see your last boot messages (or any logs for > might matter ...) > > journalctl -b > > Then search for Spectre and retpoline (maybe changing upper/lower case) > and the messages before and after these found instances .. look hard ...
journalctl -b | grep -i retpoline returns that virtualbox drivers (vboxdrv, vboxnetflt, vboxnetadp, vboxpci) and nvidia driver were not compiled with a retpoline compiler.... As these modules are compiled on board with gcc using akmod, I suppose that gcc is not a retpoline compiler. What can I do? -- François Patte UFR de mathématiques et informatique Laboratoire CNRS MAP5, UMR 8145 Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)6 7892 5822 http://www.math-info.univ-paris5.fr/~patte
signature.asc
Description: OpenPGP digital signature
_______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org
