> Gesendet: Mittwoch, 14. März 2018 um 06:13 Uhr > Von: "Bob Beck" <b...@obtuse.com> > An: "Brian Camp" <br...@thecamps.org> > Cc: "Theo de Raadt" <dera...@openbsd.org>, misc@openbsd.org > Betreff: Re: Meltdown workaround enabled? > > Intel make kitty scared... What a fuckmess.
Err....do I get it right, that a possibly vulnerable CPU (from 2016) is still vulnerable to MELTDOWN but a newer BIOS *fakes* the CPU flags so the MELTDOWN "detection code" says, "this CPU is NOT vulnerable" Is that right? Robert > > On Tue, Mar 13, 2018 at 22:57 Brian Camp <br...@thecamps.org> wrote: > > > On Tue, Mar 13, 2018 at 10:39 PM, Theo de Raadt <dera...@openbsd.org> > > wrote: > > >> According to some sources, Intel and a handful of others have known > > about the > > >> issue since February 2017(!), so perhaps it has already been patched in > > the > > >> 08Jan2018 BIOS. I too have doubts that to date any processor has been > > >> redesigned to avoid the flaws entirely, but then again... > > > > > > Sure. A BIOS can change the flag bits. > > > > > > Be nice to know. Did a BIOS change them? > > > > I downgraded the bios to try and figure this out. Going back just one > > revision (1/8/2018 to 12/18/2017) causes it to lose the flag and > > -current's MELTDOWN workaround to activate. > > > > Previous BIOS revision (12/18/2017): > > bcamp@nuc6cayh:~ (OpenBSD 6.3) > > $ cpuid 0x7 > > eax = 0x00000000 0 "????" > > ebx = 0x2294e283 580182659 "???"" > > ecx = 0x00000000 0 "????" > > edx = 0x00000000 0 "????" > > > > Newest BIOS revision (1/8/2018): > > bcamp@nuc6cayh:~ (OpenBSD 6.3) > > $ cpuid 0x7 > > eax = 0x00000000 0 "????" > > ebx = 0x2294e283 580182659 "???"" > > ecx = 0x00000000 0 "????" > > edx = 0x2c000000 738197504 "???," > > > > >
