Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-25 Thread Rich Freeman
On Thu, Jan 25, 2018 at 1:39 AM, Adam Carter wrote:
>
> Seems to me like point versions of 4.9 and 4.14 are often released on the
> same date, but fixes that have gone into 4.14 don't make it into 4.9 until
> the subsequent release. Could be my imagination.

One of the issues with Meltdown/Spectre in particular is that the
affected parts of the kernel have undergone some change over the
years, and the changes themselves are not trivial.  For some of the
much older kernels the fixes are basically complete rewrites, with
their own quality issues and timelines.  For 4.9 that probably isn't
as much of a factor, but it wouldn't surprise me if the changes still
migrate their way backwards in time.  There have been regressions with
some of these changes, and that being the case the maintainers might
want to both reduce the number of people impacted and also test them
first on the kernels most similar to mainline where the patches were
developed.

-- 
Rich



Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-24 Thread Adam Carter
>
> > $ cat /sys/devices/system/cpu/vulnerabilities/meltdown
> > Not affected
>
> Aha.
>
> matica!1 ~$ cat /sys/devices/system/cpu/vulnerabilities/meltdown
> Not affected
>  matica!2 ~$ uname -r
> 4.9.78
>
> I guess these patches will be trickling down for a long time yet.
>

Good to see.

Seems to me like point versions of 4.9 and 4.14 are often released on the
same date, but fixes that have gone into 4.14 don't make it into 4.9 until
the subsequent release. Could be my imagination.


[gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-24 Thread Ian Zimmerman
On 2018-01-19 10:50, Adam Carter wrote:

> > Looking at the kernel source (for 4.9.77), the flag is initially set no
> > matter what in arch/x86/kernel/cpu/common.c @cpu_show_meltdown(), and
> > nothing afterwards clears it ...
> 
> 
> With 4.14.14, pretty much same CPU;
> model   : 4
> model name  : AMD Phenom(tm) II X4 965 Processor
> stepping: 3
> 
> $ cat /sys/devices/system/cpu/vulnerabilities/meltdown
> Not affected

Aha.

matica!1 ~$ cat /sys/devices/system/cpu/vulnerabilities/meltdown 
Not affected
 matica!2 ~$ uname -r
4.9.78

I guess these patches will be trickling down for a long time yet.

-- 
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet, fetch the TXT record for the domain.



Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-21 Thread Rich Freeman
On Sun, Jan 21, 2018 at 8:41 PM, Corbin Bird wrote:
> On 01/18/2018 02:43 PM, Rich Freeman wrote:
>> cat /sys/devices/system/cpu/vulnerabilities/meltdown
>
> Strange, get this response from kernel 4.9.76-r1

In the 4.9 series it was added in 4.9.77 upstream, unless Gentoo backported it.

>
> Did you compile your kernel with "vendor support" for Intel enabled?

Yes, though this is an AMD processor.  I'm pretty sure your issue is
just that you don't have the needed patch.

-- 
Rich




Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-21 Thread Corbin Bird
On 01/18/2018 02:43 PM, Rich Freeman wrote:
> cat /sys/devices/system/cpu/vulnerabilities/meltdown

Strange, get this response from kernel 4.9.76-r1
> Darkstar ~ # cat /sys/devices/system/cpu/vulnerabilities/meltdown
> cat: /sys/devices/system/cpu/vulnerabilities/meltdown: No such file or directory

/proc/cpuinfo has not changed.
> Darkstar ~ # cat /proc/cpuinfo
> processor    : 0
> vendor_id    : AuthenticAMD
> cpu family    : 21
> model        : 2
> model name    : AMD FX(tm)-9590 Eight-Core Processor
> stepping    : 0
> microcode    : 0x600084f
> cpu MHz        : 4700.000
> cache size    : 2048 KB
> bugs        : fxsave_leak sysret_ss_attrs null_seg

Did you compile your kernel with "vendor support" for Intel enabled?

Corbin





Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-18 Thread Adam Carter
On Fri, Jan 19, 2018 at 9:17 AM, Ian Zimmerman wrote:

>
>  matica!13 linux$ dmesg | fgrep -i phenom
> [0.603608] smpboot: CPU0: AMD Phenom(tm) II X4 955 Processor (family: 0x10, model: 0x4, stepping: 0x3)
>
> Looking at the kernel source (for 4.9.77), the flag is initially set no
> matter what in arch/x86/kernel/cpu/common.c @cpu_show_meltdown(), and
> nothing afterwards clears it ...


With 4.14.14, pretty much same CPU;
model   : 4
model name  : AMD Phenom(tm) II X4 965 Processor
stepping: 3

$ cat /sys/devices/system/cpu/vulnerabilities/meltdown
Not affected


[gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-18 Thread Ian Zimmerman
On 2018-01-19 08:22, Adam Carter wrote:

> > On my fam10/barcelona;
> > cat /sys/devices/system/cpu/vulnerabilities/meltdown
> > Not affected

> Ian. which CPU do you have?

 matica!13 linux$ dmesg | fgrep -i phenom
[0.603608] smpboot: CPU0: AMD Phenom(tm) II X4 955 Processor (family: 0x10, model: 0x4, stepping: 0x3)

Looking at the kernel source (for 4.9.77), the flag is initially set no
matter what in arch/x86/kernel/cpu/common.c @cpu_show_meltdown(), and
nothing afterwards clears it ...

-- 
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet, fetch the TXT record for the domain.



Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-18 Thread Adam Carter
>
> On my fam10/barcelona;
> cat /sys/devices/system/cpu/vulnerabilities/meltdown
> Not affected
>

Ian. which CPU do you have?


Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-18 Thread Adam Carter
> > So has 4.9.77, but it's dumb:
> >
> >  matica!3 ~$ cat /sys/devices/system/cpu/vulnerabilities/meltdown
> > Vulnerable
> >  matica!4 ~$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
> > Vulnerable
> >  matica!5 ~$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
> > Vulnerable: Minimal AMD ASM retpoline
> >
> > (AMD is not affected by Meltdown)
> >
>
> On my Ryzen 5-1600 I get:
> cat /sys/devices/system/cpu/vulnerabilities/meltdown
> Not affected
>
> I'm not sure why you're getting a vulnerable message.
>
On my fam10/barcelona;
cat /sys/devices/system/cpu/vulnerabilities/meltdown
Not affected


Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-18 Thread Rich Freeman
On Thu, Jan 18, 2018 at 2:31 PM, Ian Zimmerman wrote:
> On 2018-01-18 19:28, Adam Carter wrote:
>
>> Nice;
>>
>> $ ls /sys/devices/system/cpu/vulnerabilities/
>> meltdown  spectre_v1  spectre_v2
>> $ cat /sys/devices/system/cpu/vulnerabilities/meltdown
>> Mitigation: PTI
>> $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
>> Vulnerable
>> $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
>> Vulnerable: Minimal generic ASM retpoline
>
> So has 4.9.77, but it's dumb:
>
>  matica!3 ~$ cat /sys/devices/system/cpu/vulnerabilities/meltdown
> Vulnerable
>  matica!4 ~$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
> Vulnerable
>  matica!5 ~$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
> Vulnerable: Minimal AMD ASM retpoline
>
> (AMD is not affected by Meltdown)
>

On my Ryzen 5-1600 I get:
cat /sys/devices/system/cpu/vulnerabilities/meltdown
Not affected

I'm not sure why you're getting a vulnerable message.

-- 
Rich



[gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-18 Thread Ian Zimmerman
On 2018-01-18 19:28, Adam Carter wrote:

> Nice;
> 
> $ ls /sys/devices/system/cpu/vulnerabilities/
> meltdown  spectre_v1  spectre_v2
> $ cat /sys/devices/system/cpu/vulnerabilities/meltdown
> Mitigation: PTI
> $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
> Vulnerable
> $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
> Vulnerable: Minimal generic ASM retpoline

So has 4.9.77, but it's dumb:

 matica!3 ~$ cat /sys/devices/system/cpu/vulnerabilities/meltdown 
Vulnerable
 matica!4 ~$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
Vulnerable
 matica!5 ~$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
Vulnerable: Minimal AMD ASM retpoline

(AMD is not affected by Meltdown)

-- 
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet, fetch the TXT record for the domain.



[gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

2018-01-18 Thread Nikos Chantziaras

On 18/01/18 10:28, Adam Carter wrote:

> Nice;
>
> $ ls /sys/devices/system/cpu/vulnerabilities/
> meltdown  spectre_v1  spectre_v2
> $ cat /sys/devices/system/cpu/vulnerabilities/meltdown
> Mitigation: PTI
> $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
> Vulnerable
> $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
> Vulnerable: Minimal generic ASM retpoline


Good to know! Thanks.

For Spectre, GCC 7.3 is needed, which isn't released yet, but AFAIK is
being fast-tracked for release by upstream. There are plans to backport to
GCC 6 as well.


Not sure about the CPU microcode situation.
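
Added example, not part of any message in this thread: a POSIX shell helper that reads every file under /sys/devices/system/cpu/vulnerabilities, sorts the strings seen in the thread ("Not affected", "Mitigation: ...", "Vulnerable...") into classes, and treats a missing directory (the 4.9.76-r1 case above) as "unknown" rather than "safe". The function names, the tab-separated output and the exit codes are choices made for this example.

```shell
#!/bin/sh
# Added example: summarise the kernel's own vulnerability reporting.
# Exit/return codes (chosen for this example):
#   0 = every entry is "Not affected" or "Mitigation: ..."
#   1 = at least one entry is "Vulnerable..." or an unrecognised string
#   2 = directory missing: kernel predates the reporting patch, status unknown

# Map one raw sysfs status string to a coarse class.
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# check_vulns [DIR]: print "name<TAB>class<TAB>raw" for each file in DIR.
check_vulns() {
    _cv_dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    if [ ! -d "$_cv_dir" ]; then
        # Absence of the directory says nothing about the CPU itself.
        echo "no $_cv_dir: kernel does not report status" >&2
        return 2
    fi
    _cv_rc=0
    for _cv_f in "$_cv_dir"/*; do
        [ -f "$_cv_f" ] || continue
        _cv_raw=$(cat "$_cv_f")
        _cv_class=$(classify_status "$_cv_raw")
        printf '%s\t%s\t%s\n' "$(basename "$_cv_f")" "$_cv_class" "$_cv_raw"
        case "$_cv_class" in
            vulnerable|unknown) _cv_rc=1 ;;
        esac
    done
    return "$_cv_rc"
}
```

Source the file and run `check_vulns` with no argument to inspect the running kernel, alongside `uname -r`, since the thread shows the reported strings changing between point releases on the same CPU.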