Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Alan Cox]

On Tue, 13 Feb 2018 22:04:48 +0100
Pavel Machek  wrote:

> On Thu 2018-02-08 20:52:40, Alan Cox wrote:
> > > > Also worth nothing that the difference between the cpu and memory
> > > > speeds is much lower - so far fewer instructions could be speculatively
> > > > executed while waiting a cache miss.  
> > 
> > But they also have more instructions that take a lot of clocks and are
> > easier to stall - eg by doing things like opening and mmapping
> > a framebuffer and then doing a floating point double store to it
> > misaligned.
> > 
> > Meltdown we can at least reasonably test but spectre is hard.  
> 
> Do you have pointer for simple meltdown test?

It's CPU dependent but for the older processors you probably want one of
the small ones as you've got much less cache and speculation to play with.

And then you also need the test data to be in L1 D cache

Alan

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Alan Cox]

On Tue, 13 Feb 2018 22:04:48 +0100
Pavel Machek  wrote:

> On Thu 2018-02-08 20:52:40, Alan Cox wrote:
> > > > Also worth nothing that the difference between the cpu and memory
> > > > speeds is much lower - so far fewer instructions could be speculatively
> > > > executed while waiting a cache miss.  
> > 
> > But they also have more instructions that take a lot of clocks and are
> > easier to stall - eg by doing things like opening and mmapping
> > a framebuffer and then doing a floating point double store to it
> > misaligned.
> > 
> > Meltdown we can at least reasonably test but spectre is hard.  
> 
> Do you have pointer for simple meltdown test?

It's CPU dependent but for the older processors you probably want one of
the small ones as you've got much less cache and speculation to play with.

And then you also need the test data to be in L1 D cache

Alan

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Pavel Machek]

Hi!

> > You might think this absolutely crazy, but I would be willing to test
> > such systems if I can get my hands on the needed hardware that I lack.
> > I am already doing sanity testing on Intel
> > i486/i586/i586-MMX/i686-PentiumPro systems, I just don't have the
> > clone cpus (Cyrix, etc).
> >
> > While few people are using the 32bit kernel, I don't think we want to
> > kill it completely just yet.
> 
> I have a working Cyrix MII (was actively using it last year, now upgraded to 
> a 
> P3-based Celeron). Some AMD CPUs too - K6(maybe -2 or -3?), not sure about K5 
> and also a Rise mP6. But never got a WinChip.

I'm using Core Duo daily (backup machine, web browsing), and use
Pentium M as an ssh client say once in month.

> So the question is: what to test?

Self-compiling kernel is traditional stability test.

I do have two Geodes I believe, but the hardware is quite nasty to
use. (One has some kind of forth-based BIOS -- forgot the name).

> BTW. Kernel was not able to identify mP6 CPU 6 years ago, patches were 
> ignored.

You may want to re-send :-).
Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) 
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html


signature.asc
Description: Digital signature

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Pavel Machek]

Hi!

> > You might think this absolutely crazy, but I would be willing to test
> > such systems if I can get my hands on the needed hardware that I lack.
> > I am already doing sanity testing on Intel
> > i486/i586/i586-MMX/i686-PentiumPro systems, I just don't have the
> > clone cpus (Cyrix, etc).
> >
> > While few people are using the 32bit kernel, I don't think we want to
> > kill it completely just yet.
> 
> I have a working Cyrix MII (was actively using it last year, now upgraded to 
> a 
> P3-based Celeron). Some AMD CPUs too - K6(maybe -2 or -3?), not sure about K5 
> and also a Rise mP6. But never got a WinChip.

I'm using Core Duo daily (backup machine, web browsing), and use
Pentium M as an ssh client say once in month.

> So the question is: what to test?

Self-compiling kernel is traditional stability test.

I do have two Geodes I believe, but the hardware is quite nasty to
use. (One has some kind of forth-based BIOS -- forgot the name).

> BTW. Kernel was not able to identify mP6 CPU 6 years ago, patches were 
> ignored.

You may want to re-send :-).
Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) 
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html


signature.asc
Description: Digital signature

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Pavel Machek]

On Thu 2018-02-08 20:52:40, Alan Cox wrote:
> > > Also worth nothing that the difference between the cpu and memory
> > > speeds is much lower - so far fewer instructions could be speculatively
> > > executed while waiting a cache miss.
> 
> But they also have more instructions that take a lot of clocks and are
> easier to stall - eg by doing things like opening and mmapping
> a framebuffer and then doing a floating point double store to it
> misaligned.
> 
> Meltdown we can at least reasonably test but spectre is hard.

Do you have pointer for simple meltdown test?

I've got https://github.com/IAIK/meltdown.git but could not get it to
work even on machines that should be vulnerable.
Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) 
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html


signature.asc
Description: Digital signature

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Pavel Machek]

On Thu 2018-02-08 20:52:40, Alan Cox wrote:
> > > Also worth nothing that the difference between the cpu and memory
> > > speeds is much lower - so far fewer instructions could be speculatively
> > > executed while waiting a cache miss.
> 
> But they also have more instructions that take a lot of clocks and are
> easier to stall - eg by doing things like opening and mmapping
> a framebuffer and then doing a floating point double store to it
> misaligned.
> 
> Meltdown we can at least reasonably test but spectre is hard.

Do you have pointer for simple meltdown test?

I've got https://github.com/IAIK/meltdown.git but could not get it to
work even on machines that should be vulnerable.
Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) 
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html


signature.asc
Description: Digital signature

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Ondrej Zary]

On Thursday 08 February 2018, tedheadster wrote:
> On Thu, Feb 8, 2018 at 12:02 PM, David Laight  
wrote:
> > From: Arnd Bergmann
> >
> >> Sent: 08 February 2018 15:23
> >
> > ...
> >
> >> The Winchip is what eventually turned into the VIA Nano, which does
> >> have speculative execution, but I don't think the earlier C3 and C7 did,
> >> they are much closer to the original Winchip design.
> >
> > We had terrible trouble getting (IIRC) the C7 to execute functions
> > that were called in 16bit mode and returned in 32bit mode and v.v.
> > (for boot code bios calls).
> > The problems seemed to imply that it was caching return addresses
> > and the translation (to uops) of the instructions that followed.
> > So it would effectively decode the first few bytes in the wrong mode.
> > So there might be scope for one of these attacks.
> >
> > OTOH these devices were so slow that I doubt any are used for anything
> > serious - and certainly won't get a kernel update even if they are.
> >
> > Also worth nothing that the difference between the cpu and memory
> > speeds is much lower - so far fewer instructions could be speculatively
> > executed while waiting a cache miss.
> >
> > Tempting to disable everything.
> >
> > David
>
> You might think this absolutely crazy, but I would be willing to test
> such systems if I can get my hands on the needed hardware that I lack.
> I am already doing sanity testing on Intel
> i486/i586/i586-MMX/i686-PentiumPro systems, I just don't have the
> clone cpus (Cyrix, etc).
>
> While few people are using the 32bit kernel, I don't think we want to
> kill it completely just yet.
>
> - Matthew

I have a working Cyrix MII (was actively using it last year, now upgraded to a 
P3-based Celeron). Some AMD CPUs too - K6(maybe -2 or -3?), not sure about K5 
and also a Rise mP6. But never got a WinChip.

So the question is: what to test?

BTW. Kernel was not able to identify mP6 CPU 6 years ago, patches were 
ignored.

-- 
Ondrej Zary

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Ondrej Zary]

On Thursday 08 February 2018, tedheadster wrote:
> On Thu, Feb 8, 2018 at 12:02 PM, David Laight  
wrote:
> > From: Arnd Bergmann
> >
> >> Sent: 08 February 2018 15:23
> >
> > ...
> >
> >> The Winchip is what eventually turned into the VIA Nano, which does
> >> have speculative execution, but I don't think the earlier C3 and C7 did,
> >> they are much closer to the original Winchip design.
> >
> > We had terrible trouble getting (IIRC) the C7 to execute functions
> > that were called in 16bit mode and returned in 32bit mode and v.v.
> > (for boot code bios calls).
> > The problems seemed to imply that it was caching return addresses
> > and the translation (to uops) of the instructions that followed.
> > So it would effectively decode the first few bytes in the wrong mode.
> > So there might be scope for one of these attacks.
> >
> > OTOH these devices were so slow that I doubt any are used for anything
> > serious - and certainly won't get a kernel update even if they are.
> >
> > Also worth nothing that the difference between the cpu and memory
> > speeds is much lower - so far fewer instructions could be speculatively
> > executed while waiting a cache miss.
> >
> > Tempting to disable everything.
> >
> > David
>
> You might think this absolutely crazy, but I would be willing to test
> such systems if I can get my hands on the needed hardware that I lack.
> I am already doing sanity testing on Intel
> i486/i586/i586-MMX/i686-PentiumPro systems, I just don't have the
> clone cpus (Cyrix, etc).
>
> While few people are using the 32bit kernel, I don't think we want to
> kill it completely just yet.
>
> - Matthew

I have a working Cyrix MII (was actively using it last year, now upgraded to a 
P3-based Celeron). Some AMD CPUs too - K6(maybe -2 or -3?), not sure about K5 
and also a Rise mP6. But never got a WinChip.

So the question is: what to test?

BTW. Kernel was not able to identify mP6 CPU 6 years ago, patches were 
ignored.

-- 
Ondrej Zary

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Arnd Bergmann]

On Thu, Feb 8, 2018 at 10:16 PM, Alan Cox  wrote:
> On Thu, 8 Feb 2018 16:22:40 +0100
> Arnd Bergmann  wrote:
>
>> On Thu, Feb 8, 2018 at 2:49 PM, Alan Cox  wrote:
>> >> What about Pentium II and 3? I'm using 5 such machines (and also a Pentium
>> >> MMX). I've tried a spectre test before and it wasn't reading anything 
>> >> useful.
>> >> Don't know about meltdown. Is there a complete test program? (The web is 
>> >> so
>> >> full of crap that even google can't find anything useful.)
>> >
>> > For x86 speculation came in (as far as I can tell) in
>> >
>> > AMD Am5x86
>> > Cyrix 5x86, but branch predictors are disabled by default according to
>> > the docs
>> > Cyrix 6x86, branch prediction on by default
>> > Pentium Pro
>> >
>> > There are later processors that don't have speculation: Quark series, Nat
>> > Semi/Cyrix Geode, earliest AMD geode (I think), some Intel Atom
>> > processors.
>>
>> Wasn't Am5x86 just a 486 clone? AFAICT, speculation only came with the
>> K6 (Am6x86 aka NexGen Nx6x86)
>
> The AMD 486 was a 486, just like UMC. The Am5x86 was a sort of super 486.
> But you are correct I'm muddling that with the K5 - which does speculate
> or at least some of them do. The K5 branch predictor is software
> controllable via the HWCR MSR but who has one today to test or cares 8)

Right, I completely forgot about the K5.

>> All the Geode are apparently derived from Cyrix 5x86 (I always thought
>
> Not quite all. The older ones are Cyrix 5x86 related which indeed means
> they don't have branch prediction on by default until the LX. Just to
> confuse the AMD Geode NX is basically an Athlon mobile.

This one I knew, I was just not using precise enough language.

  Arnd

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Arnd Bergmann]

On Thu, Feb 8, 2018 at 10:16 PM, Alan Cox  wrote:
> On Thu, 8 Feb 2018 16:22:40 +0100
> Arnd Bergmann  wrote:
>
>> On Thu, Feb 8, 2018 at 2:49 PM, Alan Cox  wrote:
>> >> What about Pentium II and 3? I'm using 5 such machines (and also a Pentium
>> >> MMX). I've tried a spectre test before and it wasn't reading anything 
>> >> useful.
>> >> Don't know about meltdown. Is there a complete test program? (The web is 
>> >> so
>> >> full of crap that even google can't find anything useful.)
>> >
>> > For x86 speculation came in (as far as I can tell) in
>> >
>> > AMD Am5x86
>> > Cyrix 5x86, but branch predictors are disabled by default according to
>> > the docs
>> > Cyrix 6x86, branch prediction on by default
>> > Pentium Pro
>> >
>> > There are later processors that don't have speculation: Quark series, Nat
>> > Semi/Cyrix Geode, earliest AMD geode (I think), some Intel Atom
>> > processors.
>>
>> Wasn't Am5x86 just a 486 clone? AFAICT, speculation only came with the
>> K6 (Am6x86 aka NexGen Nx6x86)
>
> The AMD 486 was a 486, just like UMC. The Am5x86 was a sort of super 486.
> But you are correct I'm muddling that with the K5 - which does speculate
> or at least some of them do. The K5 branch predictor is software
> controllable via the HWCR MSR but who has one today to test or cares 8)

Right, I completely forgot about the K5.

>> All the Geode are apparently derived from Cyrix 5x86 (I always thought
>
> Not quite all. The older ones are Cyrix 5x86 related which indeed means
> they don't have branch prediction on by default until the LX. Just to
> confuse the AMD Geode NX is basically an Athlon mobile.

This one I knew, I was just not using precise enough language.

  Arnd

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Arnd Bergmann]

On Thu, Feb 8, 2018 at 6:27 PM, tedheadster  wrote:
> On Thu, Feb 8, 2018 at 12:02 PM, David Laight  wrote:
>> From: Arnd Bergmann
>>> Sent: 08 February 2018 15:23
>> ...
>>> The Winchip is what eventually turned into the VIA Nano, which does
>>> have speculative execution, but I don't think the earlier C3 and C7 did,
>>> they are much closer to the original Winchip design.
>>
>> We had terrible trouble getting (IIRC) the C7 to execute functions
>> that were called in 16bit mode and returned in 32bit mode and v.v.
>> (for boot code bios calls).
>> The problems seemed to imply that it was caching return addresses
>> and the translation (to uops) of the instructions that followed.
>> So it would effectively decode the first few bytes in the wrong mode.
>> So there might be scope for one of these attacks.
>>
>> OTOH these devices were so slow that I doubt any are used for anything
>> serious - and certainly won't get a kernel update even if they are.
>>
>> Also worth nothing that the difference between the cpu and memory
>> speeds is much lower - so far fewer instructions could be speculatively
>> executed while waiting a cache miss.
>
> You might think this absolutely crazy, but I would be willing to test
> such systems if I can get my hands on the needed hardware that I lack.
> I am already doing sanity testing on Intel
> i486/i586/i586-MMX/i686-PentiumPro systems, I just don't have the
> clone cpus (Cyrix, etc).

VIA machines are available for pocket change in many countries,
this one is what I'd get if I wanted to test over here:

http://www.ebay.de/itm/IGEL-UD2-D200-VIA-C7-M-500MHz-1GB-1GB-Flash-Memory-Thin-Client-ohne-Netzteil/301860030372

Similarly, the 6x86 (Cyrix, ST or IBM branded are identical) is really
easy to get by itself and should fit in many Socket 7 mainboards, which
you apparently already have.

  Arnd

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Arnd Bergmann]

On Thu, Feb 8, 2018 at 6:27 PM, tedheadster  wrote:
> On Thu, Feb 8, 2018 at 12:02 PM, David Laight  wrote:
>> From: Arnd Bergmann
>>> Sent: 08 February 2018 15:23
>> ...
>>> The Winchip is what eventually turned into the VIA Nano, which does
>>> have speculative execution, but I don't think the earlier C3 and C7 did,
>>> they are much closer to the original Winchip design.
>>
>> We had terrible trouble getting (IIRC) the C7 to execute functions
>> that were called in 16bit mode and returned in 32bit mode and v.v.
>> (for boot code bios calls).
>> The problems seemed to imply that it was caching return addresses
>> and the translation (to uops) of the instructions that followed.
>> So it would effectively decode the first few bytes in the wrong mode.
>> So there might be scope for one of these attacks.
>>
>> OTOH these devices were so slow that I doubt any are used for anything
>> serious - and certainly won't get a kernel update even if they are.
>>
>> Also worth nothing that the difference between the cpu and memory
>> speeds is much lower - so far fewer instructions could be speculatively
>> executed while waiting a cache miss.
>
> You might think this absolutely crazy, but I would be willing to test
> such systems if I can get my hands on the needed hardware that I lack.
> I am already doing sanity testing on Intel
> i486/i586/i586-MMX/i686-PentiumPro systems, I just don't have the
> clone cpus (Cyrix, etc).

VIA machines are available for pocket change in many countries,
this one is what I'd get if I wanted to test over here:

http://www.ebay.de/itm/IGEL-UD2-D200-VIA-C7-M-500MHz-1GB-1GB-Flash-Memory-Thin-Client-ohne-Netzteil/301860030372

Similarly, the 6x86 (Cyrix, ST or IBM branded are identical) is really
easy to get by itself and should fit in many Socket 7 mainboards, which
you apparently already have.

  Arnd

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Alan Cox]

On Thu, 8 Feb 2018 16:22:40 +0100
Arnd Bergmann  wrote:

> On Thu, Feb 8, 2018 at 2:49 PM, Alan Cox  wrote:
> >> What about Pentium II and 3? I'm using 5 such machines (and also a Pentium
> >> MMX). I've tried a spectre test before and it wasn't reading anything 
> >> useful.
> >> Don't know about meltdown. Is there a complete test program? (The web is so
> >> full of crap that even google can't find anything useful.)  
> >
> > For x86 speculation came in (as far as I can tell) in
> >
> > AMD Am5x86
> > Cyrix 5x86, but branch predictors are disabled by default according to
> > the docs
> > Cyrix 6x86, branch prediction on by default
> > Pentium Pro
> >
> > There are later processors that don't have speculation: Quark series, Nat
> > Semi/Cyrix Geode, earliest AMD geode (I think), some Intel Atom
> > processors.  
> 
> Wasn't Am5x86 just a 486 clone? AFAICT, speculation only came with the
> K6 (Am6x86 aka NexGen Nx6x86)

The AMD 486 was a 486, just like UMC. The Am5x86 was a sort of super 486.
But you are correct I'm muddling that with the K5 - which does speculate
or at least some of them do. The K5 branch predictor is software
controllable via the HWCR MSR but who has one today to test or cares 8)

> All the Geode are apparently derived from Cyrix 5x86 (I always thought

Not quite all. The older ones are Cyrix 5x86 related which indeed means
they don't have branch prediction on by default until the LX. Just to
confuse the AMD Geode NX is basically an Athlon mobile.

Alan

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Alan Cox]

On Thu, 8 Feb 2018 16:22:40 +0100
Arnd Bergmann  wrote:

> On Thu, Feb 8, 2018 at 2:49 PM, Alan Cox  wrote:
> >> What about Pentium II and 3? I'm using 5 such machines (and also a Pentium
> >> MMX). I've tried a spectre test before and it wasn't reading anything 
> >> useful.
> >> Don't know about meltdown. Is there a complete test program? (The web is so
> >> full of crap that even google can't find anything useful.)  
> >
> > For x86 speculation came in (as far as I can tell) in
> >
> > AMD Am5x86
> > Cyrix 5x86, but branch predictors are disabled by default according to
> > the docs
> > Cyrix 6x86, branch prediction on by default
> > Pentium Pro
> >
> > There are later processors that don't have speculation: Quark series, Nat
> > Semi/Cyrix Geode, earliest AMD geode (I think), some Intel Atom
> > processors.  
> 
> Wasn't Am5x86 just a 486 clone? AFAICT, speculation only came with the
> K6 (Am6x86 aka NexGen Nx6x86)

The AMD 486 was a 486, just like UMC. The Am5x86 was a sort of super 486.
But you are correct I'm muddling that with the K5 - which does speculate
or at least some of them do. The K5 branch predictor is software
controllable via the HWCR MSR but who has one today to test or cares 8)

> All the Geode are apparently derived from Cyrix 5x86 (I always thought

Not quite all. The older ones are Cyrix 5x86 related which indeed means
they don't have branch prediction on by default until the LX. Just to
confuse the AMD Geode NX is basically an Athlon mobile.

Alan

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Alan Cox]

> > Also worth nothing that the difference between the cpu and memory
> > speeds is much lower - so far fewer instructions could be speculatively
> > executed while waiting a cache miss.

But they also have more instructions that take a lot of clocks and are
easier to stall - eg by doing things like opening and mmapping
a framebuffer and then doing a floating point double store to it
misaligned.

Meltdown we can at least reasonably test but spectre is hard.

Alan

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Alan Cox]

> > Also worth nothing that the difference between the cpu and memory
> > speeds is much lower - so far fewer instructions could be speculatively
> > executed while waiting a cache miss.

But they also have more instructions that take a lot of clocks and are
easier to stall - eg by doing things like opening and mmapping
a framebuffer and then doing a floating point double store to it
misaligned.

Meltdown we can at least reasonably test but spectre is hard.

Alan

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Thu, Feb 8, 2018 at 12:02 PM, David Laight  wrote:
> From: Arnd Bergmann
>> Sent: 08 February 2018 15:23
> ...
>> The Winchip is what eventually turned into the VIA Nano, which does
>> have speculative execution, but I don't think the earlier C3 and C7 did,
>> they are much closer to the original Winchip design.
>
> We had terrible trouble getting (IIRC) the C7 to execute functions
> that were called in 16bit mode and returned in 32bit mode and v.v.
> (for boot code bios calls).
> The problems seemed to imply that it was caching return addresses
> and the translation (to uops) of the instructions that followed.
> So it would effectively decode the first few bytes in the wrong mode.
> So there might be scope for one of these attacks.
>
> OTOH these devices were so slow that I doubt any are used for anything
> serious - and certainly won't get a kernel update even if they are.
>
> Also worth nothing that the difference between the cpu and memory
> speeds is much lower - so far fewer instructions could be speculatively
> executed while waiting a cache miss.
>
> Tempting to disable everything.
>
> David

You might think this absolutely crazy, but I would be willing to test
such systems if I can get my hands on the needed hardware that I lack.
I am already doing sanity testing on Intel
i486/i586/i586-MMX/i686-PentiumPro systems, I just don't have the
clone cpus (Cyrix, etc).

While few people are using the 32bit kernel, I don't think we want to
kill it completely just yet.

- Matthew

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Thu, Feb 8, 2018 at 12:02 PM, David Laight  wrote:
> From: Arnd Bergmann
>> Sent: 08 February 2018 15:23
> ...
>> The Winchip is what eventually turned into the VIA Nano, which does
>> have speculative execution, but I don't think the earlier C3 and C7 did,
>> they are much closer to the original Winchip design.
>
> We had terrible trouble getting (IIRC) the C7 to execute functions
> that were called in 16bit mode and returned in 32bit mode and v.v.
> (for boot code bios calls).
> The problems seemed to imply that it was caching return addresses
> and the translation (to uops) of the instructions that followed.
> So it would effectively decode the first few bytes in the wrong mode.
> So there might be scope for one of these attacks.
>
> OTOH these devices were so slow that I doubt any are used for anything
> serious - and certainly won't get a kernel update even if they are.
>
> Also worth nothing that the difference between the cpu and memory
> speeds is much lower - so far fewer instructions could be speculatively
> executed while waiting a cache miss.
>
> Tempting to disable everything.
>
> David

You might think this absolutely crazy, but I would be willing to test
such systems if I can get my hands on the needed hardware that I lack.
I am already doing sanity testing on Intel
i486/i586/i586-MMX/i686-PentiumPro systems, I just don't have the
clone cpus (Cyrix, etc).

While few people are using the 32bit kernel, I don't think we want to
kill it completely just yet.

- Matthew

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Thu, Feb 8, 2018 at 12:02 PM, David Laight  wrote:
> From: Arnd Bergmann
>> Sent: 08 February 2018 15:23
> ...
>> The Winchip is what eventually turned into the VIA Nano, which does
>> have speculative execution, but I don't think the earlier C3 and C7 did,
>> they are much closer to the original Winchip design.
>
> We had terrible trouble getting (IIRC) the C7 to execute functions
> that were called in 16bit mode and returned in 32bit mode and v.v.
> (for boot code bios calls).
> The problems seemed to imply that it was caching return addresses
> and the translation (to uops) of the instructions that followed.
> So it would effectively decode the first few bytes in the wrong mode.
> So there might be scope for one of these attacks.
>
> OTOH these devices were so slow that I doubt any are used for anything
> serious - and certainly won't get a kernel update even if they are.
>
> Also worth nothing that the difference between the cpu and memory
> speeds is much lower - so far fewer instructions could be speculatively
> executed while waiting a cache miss.
>
> Tempting to disable everything.
>
> David

You might think this absolutely crazy, but I would be willing to test
such systems if I can get my hands on the needed hardware that I lack.
I am already doing sanity testing on Intel
i486/i586/i586-MMX/i686-PentiumPro systems, I just don't have the
clone cpus (Cyrix, etc).

While few people are using the 32bit kernel, I don't think we want to
kill it completely just yet.

- Matthew

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Thu, Feb 8, 2018 at 12:02 PM, David Laight  wrote:
> From: Arnd Bergmann
>> Sent: 08 February 2018 15:23
> ...
>> The Winchip is what eventually turned into the VIA Nano, which does
>> have speculative execution, but I don't think the earlier C3 and C7 did,
>> they are much closer to the original Winchip design.
>
> We had terrible trouble getting (IIRC) the C7 to execute functions
> that were called in 16bit mode and returned in 32bit mode and v.v.
> (for boot code bios calls).
> The problems seemed to imply that it was caching return addresses
> and the translation (to uops) of the instructions that followed.
> So it would effectively decode the first few bytes in the wrong mode.
> So there might be scope for one of these attacks.
>
> OTOH these devices were so slow that I doubt any are used for anything
> serious - and certainly won't get a kernel update even if they are.
>
> Also worth nothing that the difference between the cpu and memory
> speeds is much lower - so far fewer instructions could be speculatively
> executed while waiting a cache miss.
>
> Tempting to disable everything.
>
> David

You might think this absolutely crazy, but I would be willing to test
such systems if I can get my hands on the needed hardware that I lack.
I am already doing sanity testing on Intel
i486/i586/i586-MMX/i686-PentiumPro systems, I just don't have the
clone cpus (Cyrix, etc).

While few people are using the 32bit kernel, I don't think we want to
kill it completely just yet.

- Matthew

RE: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[David Laight]

From: Arnd Bergmann
> Sent: 08 February 2018 15:23
...
> The Winchip is what eventually turned into the VIA Nano, which does
> have speculative execution, but I don't think the earlier C3 and C7 did,
> they are much closer to the original Winchip design.

We had terrible trouble getting (IIRC) the C7 to execute functions
that were called in 16bit mode and returned in 32bit mode and v.v.
(for boot code bios calls).
The problems seemed to imply that it was caching return addresses
and the translation (to uops) of the instructions that followed.
So it would effectively decode the first few bytes in the wrong mode.
So there might be scope for one of these attacks.

OTOH these devices were so slow that I doubt any are used for anything
serious - and certainly won't get a kernel update even if they are.

Also worth nothing that the difference between the cpu and memory
speeds is much lower - so far fewer instructions could be speculatively
executed while waiting a cache miss.

Tempting to disable everything.

David

RE: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[David Laight]

From: Arnd Bergmann
> Sent: 08 February 2018 15:23
...
> The Winchip is what eventually turned into the VIA Nano, which does
> have speculative execution, but I don't think the earlier C3 and C7 did,
> they are much closer to the original Winchip design.

We had terrible trouble getting (IIRC) the C7 to execute functions
that were called in 16bit mode and returned in 32bit mode and v.v.
(for boot code bios calls).
The problems seemed to imply that it was caching return addresses
and the translation (to uops) of the instructions that followed.
So it would effectively decode the first few bytes in the wrong mode.
So there might be scope for one of these attacks.

OTOH these devices were so slow that I doubt any are used for anything
serious - and certainly won't get a kernel update even if they are.

Also worth nothing that the difference between the cpu and memory
speeds is much lower - so far fewer instructions could be speculatively
executed while waiting a cache miss.

Tempting to disable everything.

David

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Arnd Bergmann]

On Thu, Feb 8, 2018 at 2:49 PM, Alan Cox  wrote:
>> What about Pentium II and 3? I'm using 5 such machines (and also a Pentium
>> MMX). I've tried a spectre test before and it wasn't reading anything useful.
>> Don't know about meltdown. Is there a complete test program? (The web is so
>> full of crap that even google can't find anything useful.)
>
> For x86 speculation came in (as far as I can tell) in
>
> AMD Am5x86
> Cyrix 5x86, but branch predictors are disabled by default according to
> the docs
> Cyrix 6x86, branch prediction on by default
> Pentium Pro
>
> There are later processors that don't have speculation: Quark series, Nat
> Semi/Cyrix Geode, earliest AMD geode (I think), some Intel Atom
> processors.

Wasn't Am5x86 just a 486 clone? AFAICT, speculation only came with the
K6 (Am6x86 aka NexGen Nx6x86)

All the Geode are apparently derived from Cyrix 5x86 (I always thought
it was a 6x86, but the internet disagrees). For Geode GX, a
specification update at [1] mentions a special procedure for enabling
branch prediction, Geode LX apparently gets this right and always
has branch prediction.

> The more obscure ones - the Transmeta apparently may, the IDT Winchip
> documentation strongly implies it doesn't

The Winchip is what eventually turned into the VIA Nano, which does
have speculative execution, but I don't think the earlier C3 and C7 did,
they are much closer to the original Winchip design.

   Arnd

[1] http://support.amd.com/TechDocs/31533E_gx_2.1_specupdate.pdf

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Arnd Bergmann]

On Thu, Feb 8, 2018 at 2:49 PM, Alan Cox  wrote:
>> What about Pentium II and 3? I'm using 5 such machines (and also a Pentium
>> MMX). I've tried a spectre test before and it wasn't reading anything useful.
>> Don't know about meltdown. Is there a complete test program? (The web is so
>> full of crap that even google can't find anything useful.)
>
> For x86 speculation came in (as far as I can tell) in
>
> AMD Am5x86
> Cyrix 5x86, but branch predictors are disabled by default according to
> the docs
> Cyrix 6x86, branch prediction on by default
> Pentium Pro
>
> There are later processors that don't have speculation: Quark series, Nat
> Semi/Cyrix Geode, earliest AMD geode (I think), some Intel Atom
> processors.

Wasn't Am5x86 just a 486 clone? AFAICT, speculation only came with the
K6 (Am6x86 aka NexGen Nx6x86)

All the Geode are apparently derived from Cyrix 5x86 (I always thought
it was a 6x86, but the internet disagrees). For Geode GX, a
specification update at [1] mentions a special procedure for enabling
branch prediction, Geode LX apparently gets this right and always
has branch prediction.

> The more obscure ones - the Transmeta apparently may, the IDT Winchip
> documentation strongly implies it doesn't

The Winchip is what eventually turned into the VIA Nano, which does
have speculative execution, but I don't think the earlier C3 and C7 did,
they are much closer to the original Winchip design.

   Arnd

[1] http://support.amd.com/TechDocs/31533E_gx_2.1_specupdate.pdf

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Alan Cox]

> What about Pentium II and 3? I'm using 5 such machines (and also a Pentium 
> MMX). I've tried a spectre test before and it wasn't reading anything useful. 
> Don't know about meltdown. Is there a complete test program? (The web is so 
> full of crap that even google can't find anything useful.)

Pentium MMX does not speculate. Pentium II does.

For meltdown there are some reasonably easy tests to run to look for a
positive. Proving a negative is much much harder however and as far as I
am aware nobody has done a full evaluation of processors that old.

For x86 speculation came in (as far as I can tell) in

AMD Am5x86
Cyrix 5x86, but branch predictors are disabled by default according to
the docs
Cyrix 6x86, branch prediction on by default
Pentium Pro

There are later processors that don't have speculation: Quark series, Nat
Semi/Cyrix Geode, earliest AMD geode (I think), some Intel Atom
processors.

The more obscure ones - the Transmeta apparently may, the IDT Winchip
documentation strongly implies it doesn't, the Vortex86 (aka
SiS55X/Rise mP6) says it doesn't and things like the NexGen I have no
idea about.

The problem is that it's very hard to definitively answer questions on
these processors and vulnerabilities like they are obsolete, almost
nobody uses them for anything but retro stuff and the return on the effort
of figuring out defiitive answers is close to nil.

Alan

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Alan Cox]

> What about Pentium II and 3? I'm using 5 such machines (and also a Pentium 
> MMX). I've tried a spectre test before and it wasn't reading anything useful. 
> Don't know about meltdown. Is there a complete test program? (The web is so 
> full of crap that even google can't find anything useful.)

Pentium MMX does not speculate. Pentium II does.

For meltdown there are some reasonably easy tests to run to look for a
positive. Proving a negative is much much harder however and as far as I
am aware nobody has done a full evaluation of processors that old.

For x86 speculation came in (as far as I can tell) in

AMD Am5x86
Cyrix 5x86, but branch predictors are disabled by default according to
the docs
Cyrix 6x86, branch prediction on by default
Pentium Pro

There are later processors that don't have speculation: Quark series, Nat
Semi/Cyrix Geode, earliest AMD geode (I think), some Intel Atom
processors.

The more obscure ones - the Transmeta apparently may, the IDT Winchip
documentation strongly implies it doesn't, the Vortex86 (aka
SiS55X/Rise mP6) says it doesn't and things like the NexGen I have no
idea about.

The problem is that it's very hard to definitively answer questions on
these processors and vulnerabilities like they are obsolete, almost
nobody uses them for anything but retro stuff and the return on the effort
of figuring out defiitive answers is close to nil.

Alan

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Ondrej Zary]

On Tuesday 06 February 2018, tedheadster wrote:
> On Tue, Feb 6, 2018 at 3:54 PM, David Woodhouse  wrote:
> > On Tue, 2018-02-06 at 15:45 -0500, tedheadster wrote:
> >> If that is correct (and I might be wrong), then I am up to date and I
> >> am still getting the following in /proc/cpuinfo on my Pentium 4M i686:
> >>
> >> bugs  : cpu_meltdown spectre_v1 spectre_v2
> >
> > That's expected for now. The CPUs we exempt are as follows:
> >
> > static const __initdata struct x86_cpu_id cpu_no_speculation[] = {
> > { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CEDARVIEW,  
> > X86_FEATURE_ANY }, { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CLOVERVIEW,
> >  X86_FEATURE_ANY }, { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_LINCROFT, 
> >   X86_FEATURE_ANY }, { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PENWELL, 
> >X86_FEATURE_ANY }, { X86_VENDOR_INTEL, 6,
> > INTEL_FAM6_ATOM_PINEVIEW,X86_FEATURE_ANY }, { X86_VENDOR_CENTAUR,   5
> > },
> > { X86_VENDOR_INTEL, 5 },
> > { X86_VENDOR_NSC,   5 },
> > { X86_VENDOR_ANY,   4 },
> > {}
> > };
> >
> > Alan is going to improve that list, but your Pentium 4 isn't on it yet.
> >
> > The bugs went away on the 486 though, right?
>
> Okay, recompiled for the i486 and it reports no bugs.
>
> As for the i686, it is really a "Mobile Pentium 4 HT" Prescott series
> (https://ark.intel.com/products/27368/Mobile-Intel-Pentium-4-Processor-532-
>supporting-HT-Technology-1M-Cache-3_06-GHz-533-MHz-FSB). Does that make it a
> 'speculative execution' processor?
>
> Thank you for the help and I'll test more of the museum pieces.
>
> - Matthew

What about Pentium II and 3? I'm using 5 such machines (and also a Pentium 
MMX). I've tried a spectre test before and it wasn't reading anything useful. 
Don't know about meltdown. Is there a complete test program? (The web is so 
full of crap that even google can't find anything useful.)

-- 
Ondrej Zary

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Ondrej Zary]

On Tuesday 06 February 2018, tedheadster wrote:
> On Tue, Feb 6, 2018 at 3:54 PM, David Woodhouse  wrote:
> > On Tue, 2018-02-06 at 15:45 -0500, tedheadster wrote:
> >> If that is correct (and I might be wrong), then I am up to date and I
> >> am still getting the following in /proc/cpuinfo on my Pentium 4M i686:
> >>
> >> bugs  : cpu_meltdown spectre_v1 spectre_v2
> >
> > That's expected for now. The CPUs we exempt are as follows:
> >
> > static const __initdata struct x86_cpu_id cpu_no_speculation[] = {
> > { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CEDARVIEW,  
> > X86_FEATURE_ANY }, { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CLOVERVIEW,
> >  X86_FEATURE_ANY }, { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_LINCROFT, 
> >   X86_FEATURE_ANY }, { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PENWELL, 
> >X86_FEATURE_ANY }, { X86_VENDOR_INTEL, 6,
> > INTEL_FAM6_ATOM_PINEVIEW,X86_FEATURE_ANY }, { X86_VENDOR_CENTAUR,   5
> > },
> > { X86_VENDOR_INTEL, 5 },
> > { X86_VENDOR_NSC,   5 },
> > { X86_VENDOR_ANY,   4 },
> > {}
> > };
> >
> > Alan is going to improve that list, but your Pentium 4 isn't on it yet.
> >
> > The bugs went away on the 486 though, right?
>
> Okay, recompiled for the i486 and it reports no bugs.
>
> As for the i686, it is really a "Mobile Pentium 4 HT" Prescott series
> (https://ark.intel.com/products/27368/Mobile-Intel-Pentium-4-Processor-532-
>supporting-HT-Technology-1M-Cache-3_06-GHz-533-MHz-FSB). Does that make it a
> 'speculative execution' processor?
>
> Thank you for the help and I'll test more of the museum pieces.
>
> - Matthew

What about Pentium II and 3? I'm using 5 such machines (and also a Pentium 
MMX). I've tried a spectre test before and it wasn't reading anything useful. 
Don't know about meltdown. Is there a complete test program? (The web is so 
full of crap that even google can't find anything useful.)

-- 
Ondrej Zary

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Tue, Feb 6, 2018 at 3:54 PM, David Woodhouse  wrote:
> On Tue, 2018-02-06 at 15:45 -0500, tedheadster wrote:
>>
>> If that is correct (and I might be wrong), then I am up to date and I
>> am still getting the following in /proc/cpuinfo on my Pentium 4M i686:
>>
>> bugs  : cpu_meltdown spectre_v1 spectre_v2
>
> That's expected for now. The CPUs we exempt are as follows:
>
> static const __initdata struct x86_cpu_id cpu_no_speculation[] = {
> { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CEDARVIEW,   
> X86_FEATURE_ANY },
> { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CLOVERVIEW,  
> X86_FEATURE_ANY },
> { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_LINCROFT,
> X86_FEATURE_ANY },
> { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PENWELL, 
> X86_FEATURE_ANY },
> { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PINEVIEW,
> X86_FEATURE_ANY },
> { X86_VENDOR_CENTAUR,   5 },
> { X86_VENDOR_INTEL, 5 },
> { X86_VENDOR_NSC,   5 },
> { X86_VENDOR_ANY,   4 },
> {}
> };
>
> Alan is going to improve that list, but your Pentium 4 isn't on it yet.
>
> The bugs went away on the 486 though, right?

Okay, recompiled for the i486 and it reports no bugs.

As for the i686, it is really a "Mobile Pentium 4 HT" Prescott series
(https://ark.intel.com/products/27368/Mobile-Intel-Pentium-4-Processor-532-supporting-HT-Technology-1M-Cache-3_06-GHz-533-MHz-FSB).
Does that make it a 'speculative execution' processor?

Thank you for the help and I'll test more of the museum pieces.

- Matthew

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Tue, Feb 6, 2018 at 3:54 PM, David Woodhouse  wrote:
> On Tue, 2018-02-06 at 15:45 -0500, tedheadster wrote:
>>
>> If that is correct (and I might be wrong), then I am up to date and I
>> am still getting the following in /proc/cpuinfo on my Pentium 4M i686:
>>
>> bugs  : cpu_meltdown spectre_v1 spectre_v2
>
> That's expected for now. The CPUs we exempt are as follows:
>
> static const __initdata struct x86_cpu_id cpu_no_speculation[] = {
> { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CEDARVIEW,   
> X86_FEATURE_ANY },
> { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CLOVERVIEW,  
> X86_FEATURE_ANY },
> { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_LINCROFT,
> X86_FEATURE_ANY },
> { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PENWELL, 
> X86_FEATURE_ANY },
> { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PINEVIEW,
> X86_FEATURE_ANY },
> { X86_VENDOR_CENTAUR,   5 },
> { X86_VENDOR_INTEL, 5 },
> { X86_VENDOR_NSC,   5 },
> { X86_VENDOR_ANY,   4 },
> {}
> };
>
> Alan is going to improve that list, but your Pentium 4 isn't on it yet.
>
> The bugs went away on the 486 though, right?

Okay, recompiled for the i486 and it reports no bugs.

As for the i686, it is really a "Mobile Pentium 4 HT" Prescott series
(https://ark.intel.com/products/27368/Mobile-Intel-Pentium-4-Processor-532-supporting-HT-Technology-1M-Cache-3_06-GHz-533-MHz-FSB).
Does that make it a 'speculative execution' processor?

Thank you for the help and I'll test more of the museum pieces.

- Matthew

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Alan Cox]

> If that is correct (and I might be wrong), then I am up to date and I
> am still getting the following in /proc/cpuinfo on my Pentium 4M i686:
> 
> bugs  : cpu_meltdown spectre_v1 spectre_v2
> 
> - Matthew

That's an interesting museum piece. It's a Northwood core so I believe
the reporting is correct.

Alan

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Alan Cox]

> If that is correct (and I might be wrong), then I am up to date and I
> am still getting the following in /proc/cpuinfo on my Pentium 4M i686:
> 
> bugs  : cpu_meltdown spectre_v1 spectre_v2
> 
> - Matthew

That's an interesting museum piece. It's a Northwood core so I believe
the reporting is correct.

Alan

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[David Woodhouse]

On Tue, 2018-02-06 at 15:45 -0500, tedheadster wrote:
> 
> If that is correct (and I might be wrong), then I am up to date and I
> am still getting the following in /proc/cpuinfo on my Pentium 4M i686:
> 
> bugs  : cpu_meltdown spectre_v1 spectre_v2

That's expected for now. The CPUs we exempt are as follows:

static const __initdata struct x86_cpu_id cpu_no_speculation[] = {
{ X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CEDARVIEW,   X86_FEATURE_ANY 
},
{ X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CLOVERVIEW,  X86_FEATURE_ANY 
},
{ X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_LINCROFT,X86_FEATURE_ANY 
},
{ X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PENWELL, X86_FEATURE_ANY 
},
{ X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PINEVIEW,X86_FEATURE_ANY 
},
{ X86_VENDOR_CENTAUR,   5 },
{ X86_VENDOR_INTEL, 5 },
{ X86_VENDOR_NSC,   5 },
{ X86_VENDOR_ANY,   4 },
{}
};

Alan is going to improve that list, but your Pentium 4 isn't on it yet.

The bugs went away on the 486 though, right?

smime.p7s
Description: S/MIME cryptographic signature

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[David Woodhouse]

On Tue, 2018-02-06 at 15:45 -0500, tedheadster wrote:
> 
> If that is correct (and I might be wrong), then I am up to date and I
> am still getting the following in /proc/cpuinfo on my Pentium 4M i686:
> 
> bugs  : cpu_meltdown spectre_v1 spectre_v2

That's expected for now. The CPUs we exempt are as follows:

static const __initdata struct x86_cpu_id cpu_no_speculation[] = {
{ X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CEDARVIEW,   X86_FEATURE_ANY 
},
{ X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CLOVERVIEW,  X86_FEATURE_ANY 
},
{ X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_LINCROFT,X86_FEATURE_ANY 
},
{ X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PENWELL, X86_FEATURE_ANY 
},
{ X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PINEVIEW,X86_FEATURE_ANY 
},
{ X86_VENDOR_CENTAUR,   5 },
{ X86_VENDOR_INTEL, 5 },
{ X86_VENDOR_NSC,   5 },
{ X86_VENDOR_ANY,   4 },
{}
};

Alan is going to improve that list, but your Pentium 4 isn't on it yet.

The bugs went away on the 486 though, right?

smime.p7s
Description: S/MIME cryptographic signature

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Tue, Feb 6, 2018 at 2:24 PM, tedheadster  wrote:
> On Tue, Feb 6, 2018 at 2:17 PM, David Woodhouse  wrote:
>> On Tue, 2018-02-06 at 11:13 -0800, Guenter Roeck wrote:
>>> On Tue, Feb 06, 2018 at 07:10:27PM +, David Woodhouse wrote:
>>> >
>>> >
>>> >
>>> > On Tue, 2018-02-06 at 11:02 -0800, Greg Kroah-Hartman wrote:
>>> > >
>>> > > .
>>> > > >
>>> > > >
>>> > > > David
>>> > > >I believe I got the patch(es) you mention in in the stable 4.15.1 
>>> > > > kernel:
>>> > > >
>>> > > > Pull x86/pti updates from Thomas Gleixner: "Another set of melted
>>> > > > spectrum related changes"
>>> > > > (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
>>> > > >
>>> > > > Unfortunately, the symptoms I reported remain on at least the i486 
>>> > > > and i686.
>>> > > Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
>>> > > was a lot of spectrum patches merged just this week that were not in
>>> > > 4.15.1.
>>> > No, for the 486 it *should* have worked. The interesting commit
>>> > is fec9434a12 ("x86/pti: Do not enable PTI on CPUs which are not
>>> > vulnerable to Meltdown") which is indeed pulled in with the merge
>>> > commit that Matthew mentions.
>>> >
>>> I disagree.
>>>
>>> $ git describe
>>> v4.15.1-61-g7ab5513e4cbc
>>> $ git log --oneline v4.15.1.. | grep Melt
>>> 3472b3689bab x86/pti: Do not enable PTI on CPUs which are not vulnerable to 
>>> Meltdown
>>
>> Ah right, for 4.15.1 perhaps yes. I was looking at Matthew's 'commit
>> 6304672b7f0a5c010002e63a075160856dc4f88d' which isn't in 4.15.1 at all;
>> that's the commit in Linus' tree where he pulled in the fix. So *that*
>> one should have had it.
>

Okay, I did a 'git pull' from Linus' tree and rebuilt. I _believe_ I
have the correct patches from this information:

localhost /usr/src/linux # git log | grep "Do not enable PTI on CPUs
which are not vulnerable to Meltdown"
Fixes: fec9434a12f3 ("x86/pti: Do not enable PTI on CPUs which are
not vulnerable to Meltdown")
  x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown

localhost /usr/src/linux # git log | grep -A8
6304672b7f0a5c010002e63a075160856dc4f88d
commit 6304672b7f0a5c010002e63a075160856dc4f88d
Merge: 942633523cde 64e16720ea08
Author: Linus Torvalds 
Date:   Mon Jan 29 19:08:02 2018 -0800

Merge branch 'x86-pti-for-linus' of
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86/pti updates from Thomas Gleixner:
 "Another set of melted spectrum related changes:


If that is correct (and I might be wrong), then I am up to date and I
am still getting the following in /proc/cpuinfo on my Pentium 4M i686:

bugs  : cpu_meltdown spectre_v1 spectre_v2

- Matthew

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Tue, Feb 6, 2018 at 2:24 PM, tedheadster  wrote:
> On Tue, Feb 6, 2018 at 2:17 PM, David Woodhouse  wrote:
>> On Tue, 2018-02-06 at 11:13 -0800, Guenter Roeck wrote:
>>> On Tue, Feb 06, 2018 at 07:10:27PM +, David Woodhouse wrote:
>>> >
>>> >
>>> >
>>> > On Tue, 2018-02-06 at 11:02 -0800, Greg Kroah-Hartman wrote:
>>> > >
>>> > > .
>>> > > >
>>> > > >
>>> > > > David
>>> > > >I believe I got the patch(es) you mention in in the stable 4.15.1 
>>> > > > kernel:
>>> > > >
>>> > > > Pull x86/pti updates from Thomas Gleixner: "Another set of melted
>>> > > > spectrum related changes"
>>> > > > (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
>>> > > >
>>> > > > Unfortunately, the symptoms I reported remain on at least the i486 
>>> > > > and i686.
>>> > > Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
>>> > > was a lot of spectrum patches merged just this week that were not in
>>> > > 4.15.1.
>>> > No, for the 486 it *should* have worked. The interesting commit
>>> > is fec9434a12 ("x86/pti: Do not enable PTI on CPUs which are not
>>> > vulnerable to Meltdown") which is indeed pulled in with the merge
>>> > commit that Matthew mentions.
>>> >
>>> I disagree.
>>>
>>> $ git describe
>>> v4.15.1-61-g7ab5513e4cbc
>>> $ git log --oneline v4.15.1.. | grep Melt
>>> 3472b3689bab x86/pti: Do not enable PTI on CPUs which are not vulnerable to 
>>> Meltdown
>>
>> Ah right, for 4.15.1 perhaps yes. I was looking at Matthew's 'commit
>> 6304672b7f0a5c010002e63a075160856dc4f88d' which isn't in 4.15.1 at all;
>> that's the commit in Linus' tree where he pulled in the fix. So *that*
>> one should have had it.
>

Okay, I did a 'git pull' from Linus' tree and rebuilt. I _believe_ I
have the correct patches from this information:

localhost /usr/src/linux # git log | grep "Do not enable PTI on CPUs
which are not vulnerable to Meltdown"
Fixes: fec9434a12f3 ("x86/pti: Do not enable PTI on CPUs which are
not vulnerable to Meltdown")
  x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown

localhost /usr/src/linux # git log | grep -A8
6304672b7f0a5c010002e63a075160856dc4f88d
commit 6304672b7f0a5c010002e63a075160856dc4f88d
Merge: 942633523cde 64e16720ea08
Author: Linus Torvalds 
Date:   Mon Jan 29 19:08:02 2018 -0800

Merge branch 'x86-pti-for-linus' of
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86/pti updates from Thomas Gleixner:
 "Another set of melted spectrum related changes:


If that is correct (and I might be wrong), then I am up to date and I
am still getting the following in /proc/cpuinfo on my Pentium 4M i686:

bugs  : cpu_meltdown spectre_v1 spectre_v2

- Matthew

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[David Woodhouse]

On Tue, 2018-02-06 at 11:13 -0800, Guenter Roeck wrote:
> On Tue, Feb 06, 2018 at 07:10:27PM +, David Woodhouse wrote:
> > 
> > 
> > 
> > On Tue, 2018-02-06 at 11:02 -0800, Greg Kroah-Hartman wrote:
> > > 
> > > .
> > > > 
> > > >  
> > > > David
> > > >    I believe I got the patch(es) you mention in in the stable 4.15.1 
> > > > kernel:
> > > >  
> > > > Pull x86/pti updates from Thomas Gleixner: "Another set of melted
> > > > spectrum related changes"
> > > > (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
> > > >  
> > > > Unfortunately, the symptoms I reported remain on at least the i486 and 
> > > > i686.
> > > Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
> > > was a lot of spectrum patches merged just this week that were not in
> > > 4.15.1.
> > No, for the 486 it *should* have worked. The interesting commit
> > is fec9434a12 ("x86/pti: Do not enable PTI on CPUs which are not
> > vulnerable to Meltdown") which is indeed pulled in with the merge
> > commit that Matthew mentions.
> > 
> I disagree.
> 
> $ git describe
> v4.15.1-61-g7ab5513e4cbc
> $ git log --oneline v4.15.1.. | grep Melt
> 3472b3689bab x86/pti: Do not enable PTI on CPUs which are not vulnerable to 
> Meltdown

Ah right, for 4.15.1 perhaps yes. I was looking at Matthew's 'commit
6304672b7f0a5c010002e63a075160856dc4f88d' which isn't in 4.15.1 at all;
that's the commit in Linus' tree where he pulled in the fix. So *that*
one should have had it.


smime.p7s
Description: S/MIME cryptographic signature

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[David Woodhouse]

On Tue, 2018-02-06 at 11:13 -0800, Guenter Roeck wrote:
> On Tue, Feb 06, 2018 at 07:10:27PM +, David Woodhouse wrote:
> > 
> > 
> > 
> > On Tue, 2018-02-06 at 11:02 -0800, Greg Kroah-Hartman wrote:
> > > 
> > > .
> > > > 
> > > >  
> > > > David
> > > >    I believe I got the patch(es) you mention in in the stable 4.15.1 
> > > > kernel:
> > > >  
> > > > Pull x86/pti updates from Thomas Gleixner: "Another set of melted
> > > > spectrum related changes"
> > > > (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
> > > >  
> > > > Unfortunately, the symptoms I reported remain on at least the i486 and 
> > > > i686.
> > > Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
> > > was a lot of spectrum patches merged just this week that were not in
> > > 4.15.1.
> > No, for the 486 it *should* have worked. The interesting commit
> > is fec9434a12 ("x86/pti: Do not enable PTI on CPUs which are not
> > vulnerable to Meltdown") which is indeed pulled in with the merge
> > commit that Matthew mentions.
> > 
> I disagree.
> 
> $ git describe
> v4.15.1-61-g7ab5513e4cbc
> $ git log --oneline v4.15.1.. | grep Melt
> 3472b3689bab x86/pti: Do not enable PTI on CPUs which are not vulnerable to 
> Meltdown

Ah right, for 4.15.1 perhaps yes. I was looking at Matthew's 'commit
6304672b7f0a5c010002e63a075160856dc4f88d' which isn't in 4.15.1 at all;
that's the commit in Linus' tree where he pulled in the fix. So *that*
one should have had it.


smime.p7s
Description: S/MIME cryptographic signature

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Tue, Feb 6, 2018 at 2:17 PM, David Woodhouse  wrote:
> On Tue, 2018-02-06 at 11:13 -0800, Guenter Roeck wrote:
>> On Tue, Feb 06, 2018 at 07:10:27PM +, David Woodhouse wrote:
>> >
>> >
>> >
>> > On Tue, 2018-02-06 at 11:02 -0800, Greg Kroah-Hartman wrote:
>> > >
>> > > .
>> > > >
>> > > >
>> > > > David
>> > > >I believe I got the patch(es) you mention in in the stable 4.15.1 
>> > > > kernel:
>> > > >
>> > > > Pull x86/pti updates from Thomas Gleixner: "Another set of melted
>> > > > spectrum related changes"
>> > > > (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
>> > > >
>> > > > Unfortunately, the symptoms I reported remain on at least the i486 and 
>> > > > i686.
>> > > Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
>> > > was a lot of spectrum patches merged just this week that were not in
>> > > 4.15.1.
>> > No, for the 486 it *should* have worked. The interesting commit
>> > is fec9434a12 ("x86/pti: Do not enable PTI on CPUs which are not
>> > vulnerable to Meltdown") which is indeed pulled in with the merge
>> > commit that Matthew mentions.
>> >
>> I disagree.
>>
>> $ git describe
>> v4.15.1-61-g7ab5513e4cbc
>> $ git log --oneline v4.15.1.. | grep Melt
>> 3472b3689bab x86/pti: Do not enable PTI on CPUs which are not vulnerable to 
>> Meltdown
>
> Ah right, for 4.15.1 perhaps yes. I was looking at Matthew's 'commit
> 6304672b7f0a5c010002e63a075160856dc4f88d' which isn't in 4.15.1 at all;
> that's the commit in Linus' tree where he pulled in the fix. So *that*
> one should have had it.

I think Guenter is correct and I mixed up my linux versus linux-stable
git repository directories. I am recompiling now Linus' tree and will
report back my results.

Apologies for the incorrect information.

- Matthew

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Tue, Feb 6, 2018 at 2:17 PM, David Woodhouse  wrote:
> On Tue, 2018-02-06 at 11:13 -0800, Guenter Roeck wrote:
>> On Tue, Feb 06, 2018 at 07:10:27PM +, David Woodhouse wrote:
>> >
>> >
>> >
>> > On Tue, 2018-02-06 at 11:02 -0800, Greg Kroah-Hartman wrote:
>> > >
>> > > .
>> > > >
>> > > >
>> > > > David
>> > > >I believe I got the patch(es) you mention in in the stable 4.15.1 
>> > > > kernel:
>> > > >
>> > > > Pull x86/pti updates from Thomas Gleixner: "Another set of melted
>> > > > spectrum related changes"
>> > > > (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
>> > > >
>> > > > Unfortunately, the symptoms I reported remain on at least the i486 and 
>> > > > i686.
>> > > Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
>> > > was a lot of spectrum patches merged just this week that were not in
>> > > 4.15.1.
>> > No, for the 486 it *should* have worked. The interesting commit
>> > is fec9434a12 ("x86/pti: Do not enable PTI on CPUs which are not
>> > vulnerable to Meltdown") which is indeed pulled in with the merge
>> > commit that Matthew mentions.
>> >
>> I disagree.
>>
>> $ git describe
>> v4.15.1-61-g7ab5513e4cbc
>> $ git log --oneline v4.15.1.. | grep Melt
>> 3472b3689bab x86/pti: Do not enable PTI on CPUs which are not vulnerable to 
>> Meltdown
>
> Ah right, for 4.15.1 perhaps yes. I was looking at Matthew's 'commit
> 6304672b7f0a5c010002e63a075160856dc4f88d' which isn't in 4.15.1 at all;
> that's the commit in Linus' tree where he pulled in the fix. So *that*
> one should have had it.

I think Guenter is correct and I mixed up my linux versus linux-stable
git repository directories. I am recompiling now Linus' tree and will
report back my results.

Apologies for the incorrect information.

- Matthew

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Guenter Roeck]

On Tue, Feb 06, 2018 at 07:10:27PM +, David Woodhouse wrote:
> 
> 
> On Tue, 2018-02-06 at 11:02 -0800, Greg Kroah-Hartman wrote:
> > .
> > > 
> > > David
> > >   I believe I got the patch(es) you mention in in the stable 4.15.1 
> > >kernel:
> > > 
> > > Pull x86/pti updates from Thomas Gleixner: "Another set of melted
> > > spectrum related changes"
> > > (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
> > > 
> > > Unfortunately, the symptoms I reported remain on at least the i486 and 
> > > i686.
> > 
> > Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
> > was a lot of spectrum patches merged just this week that were not in
> > 4.15.1.
> 
> No, for the 486 it *should* have worked. The interesting commit
> is fec9434a12 ("x86/pti: Do not enable PTI on CPUs which are not
> vulnerable to Meltdown") which is indeed pulled in with the merge
> commit that Matthew mentions.
> 

I disagree.

$ git describe
v4.15.1-61-g7ab5513e4cbc
$ git log --oneline v4.15.1.. | grep Melt
3472b3689bab x86/pti: Do not enable PTI on CPUs which are not vulnerable to 
Meltdown

Guenter

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Guenter Roeck]

On Tue, Feb 06, 2018 at 07:10:27PM +, David Woodhouse wrote:
> 
> 
> On Tue, 2018-02-06 at 11:02 -0800, Greg Kroah-Hartman wrote:
> > .
> > > 
> > > David
> > >   I believe I got the patch(es) you mention in in the stable 4.15.1 
> > >kernel:
> > > 
> > > Pull x86/pti updates from Thomas Gleixner: "Another set of melted
> > > spectrum related changes"
> > > (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
> > > 
> > > Unfortunately, the symptoms I reported remain on at least the i486 and 
> > > i686.
> > 
> > Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
> > was a lot of spectrum patches merged just this week that were not in
> > 4.15.1.
> 
> No, for the 486 it *should* have worked. The interesting commit
> is fec9434a12 ("x86/pti: Do not enable PTI on CPUs which are not
> vulnerable to Meltdown") which is indeed pulled in with the merge
> commit that Matthew mentions.
> 

I disagree.

$ git describe
v4.15.1-61-g7ab5513e4cbc
$ git log --oneline v4.15.1.. | grep Melt
3472b3689bab x86/pti: Do not enable PTI on CPUs which are not vulnerable to 
Meltdown

Guenter

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[David Woodhouse]

On Tue, 2018-02-06 at 11:02 -0800, Greg Kroah-Hartman wrote:
> .
> > 
> > David
> >   I believe I got the patch(es) you mention in in the stable 4.15.1 kernel:
> > 
> > Pull x86/pti updates from Thomas Gleixner: "Another set of melted
> > spectrum related changes"
> > (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
> > 
> > Unfortunately, the symptoms I reported remain on at least the i486 and i686.
> 
> Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
> was a lot of spectrum patches merged just this week that were not in
> 4.15.1.

No, for the 486 it *should* have worked. The interesting commit
is fec9434a12 ("x86/pti: Do not enable PTI on CPUs which are not
vulnerable to Meltdown") which is indeed pulled in with the merge
commit that Matthew mentions.

Matthew, can you show the content of /proc/cpuinfo please? And perhaps
add a printk or two in early_identify_cpu() to work out what's going
on?

Your CPU *should* hit the x86_match_cpu(cpu_no_speculation) case and
not set any of the three bugs, AFAICT.

smime.p7s
Description: S/MIME cryptographic signature

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[David Woodhouse]

On Tue, 2018-02-06 at 11:02 -0800, Greg Kroah-Hartman wrote:
> .
> > 
> > David
> >   I believe I got the patch(es) you mention in in the stable 4.15.1 kernel:
> > 
> > Pull x86/pti updates from Thomas Gleixner: "Another set of melted
> > spectrum related changes"
> > (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
> > 
> > Unfortunately, the symptoms I reported remain on at least the i486 and i686.
> 
> Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
> was a lot of spectrum patches merged just this week that were not in
> 4.15.1.

No, for the 486 it *should* have worked. The interesting commit
is fec9434a12 ("x86/pti: Do not enable PTI on CPUs which are not
vulnerable to Meltdown") which is indeed pulled in with the merge
commit that Matthew mentions.

Matthew, can you show the content of /proc/cpuinfo please? And perhaps
add a printk or two in early_identify_cpu() to work out what's going
on?

Your CPU *should* hit the x86_match_cpu(cpu_no_speculation) case and
not set any of the three bugs, AFAICT.

smime.p7s
Description: S/MIME cryptographic signature

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Greg Kroah-Hartman]

On Tue, Feb 06, 2018 at 01:33:30PM -0500, tedheadster wrote:
> On Sat, Feb 3, 2018 at 2:37 AM, David Woodhouse  wrote:
> > On Fri, 2018-02-02 at 23:52 -0500, tedheadster wrote:
> >> I just tested the 4.15 kernel and it is reporting that my old i486
> >> (non-cpuid capable) cpu is vulnerable to all three issues: Meltdown,
> >> Spectre V1, and Spectre V2.
> >>
> >> I find this to be _unlikely_.
> >
> > This should be fixed in Linus' tree already by commit fec9434a1
> > ("x86/pti: Do not enable PTI on CPUs which are not vulnerable to
> > Meltdown").
> >
> > We'll make sure it ends up in the stable tree too, if it hasn't
> > already.
> 
> David
>   I believe I got the patch(es) you mention in in the stable 4.15.1 kernel:
> 
> Pull x86/pti updates from Thomas Gleixner: "Another set of melted
> spectrum related changes"
> (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
> 
> Unfortunately, the symptoms I reported remain on at least the i486 and i686.

Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
was a lot of spectrum patches merged just this week that were not in
4.15.1.

thanks,

greg k-h

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[Greg Kroah-Hartman]

On Tue, Feb 06, 2018 at 01:33:30PM -0500, tedheadster wrote:
> On Sat, Feb 3, 2018 at 2:37 AM, David Woodhouse  wrote:
> > On Fri, 2018-02-02 at 23:52 -0500, tedheadster wrote:
> >> I just tested the 4.15 kernel and it is reporting that my old i486
> >> (non-cpuid capable) cpu is vulnerable to all three issues: Meltdown,
> >> Spectre V1, and Spectre V2.
> >>
> >> I find this to be _unlikely_.
> >
> > This should be fixed in Linus' tree already by commit fec9434a1
> > ("x86/pti: Do not enable PTI on CPUs which are not vulnerable to
> > Meltdown").
> >
> > We'll make sure it ends up in the stable tree too, if it hasn't
> > already.
> 
> David
>   I believe I got the patch(es) you mention in in the stable 4.15.1 kernel:
> 
> Pull x86/pti updates from Thomas Gleixner: "Another set of melted
> spectrum related changes"
> (commit 6304672b7f0a5c010002e63a075160856dc4f88d).
> 
> Unfortunately, the symptoms I reported remain on at least the i486 and i686.

Can you try 4.15.2-rc1?  Or how about Linus's kernel tree now?  There
was a lot of spectrum patches merged just this week that were not in
4.15.1.

thanks,

greg k-h

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Sat, Feb 3, 2018 at 2:37 AM, David Woodhouse  wrote:
> On Fri, 2018-02-02 at 23:52 -0500, tedheadster wrote:
>> I just tested the 4.15 kernel and it is reporting that my old i486
>> (non-cpuid capable) cpu is vulnerable to all three issues: Meltdown,
>> Spectre V1, and Spectre V2.
>>
>> I find this to be _unlikely_.
>
> This should be fixed in Linus' tree already by commit fec9434a1
> ("x86/pti: Do not enable PTI on CPUs which are not vulnerable to
> Meltdown").
>
> We'll make sure it ends up in the stable tree too, if it hasn't
> already.

David
  I believe I got the patch(es) you mention in in the stable 4.15.1 kernel:

Pull x86/pti updates from Thomas Gleixner: "Another set of melted
spectrum related changes"
(commit 6304672b7f0a5c010002e63a075160856dc4f88d).

Unfortunately, the symptoms I reported remain on at least the i486 and i686.

- Matthew

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[tedheadster]

On Sat, Feb 3, 2018 at 2:37 AM, David Woodhouse  wrote:
> On Fri, 2018-02-02 at 23:52 -0500, tedheadster wrote:
>> I just tested the 4.15 kernel and it is reporting that my old i486
>> (non-cpuid capable) cpu is vulnerable to all three issues: Meltdown,
>> Spectre V1, and Spectre V2.
>>
>> I find this to be _unlikely_.
>
> This should be fixed in Linus' tree already by commit fec9434a1
> ("x86/pti: Do not enable PTI on CPUs which are not vulnerable to
> Meltdown").
>
> We'll make sure it ends up in the stable tree too, if it hasn't
> already.

David
  I believe I got the patch(es) you mention in in the stable 4.15.1 kernel:

Pull x86/pti updates from Thomas Gleixner: "Another set of melted
spectrum related changes"
(commit 6304672b7f0a5c010002e63a075160856dc4f88d).

Unfortunately, the symptoms I reported remain on at least the i486 and i686.

- Matthew

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[David Woodhouse]

On Fri, 2018-02-02 at 23:52 -0500, tedheadster wrote:
> I just tested the 4.15 kernel and it is reporting that my old i486
> (non-cpuid capable) cpu is vulnerable to all three issues: Meltdown,
> Spectre V1, and Spectre V2.
> 
> I find this to be _unlikely_.

This should be fixed in Linus' tree already by commit fec9434a1
("x86/pti: Do not enable PTI on CPUs which are not vulnerable to
Meltdown").

We'll make sure it ends up in the stable tree too, if it hasn't
already.

smime.p7s
Description: S/MIME cryptographic signature

Re: [BUG] x86 : i486 reporting to be vulnerable to Meltdown/Spectre_V1/Spectre_V2

[David Woodhouse]

On Fri, 2018-02-02 at 23:52 -0500, tedheadster wrote:
> I just tested the 4.15 kernel and it is reporting that my old i486
> (non-cpuid capable) cpu is vulnerable to all three issues: Meltdown,
> Spectre V1, and Spectre V2.
> 
> I find this to be _unlikely_.

This should be fixed in Linus' tree already by commit fec9434a1
("x86/pti: Do not enable PTI on CPUs which are not vulnerable to
Meltdown").

We'll make sure it ends up in the stable tree too, if it hasn't
already.

smime.p7s
Description: S/MIME cryptographic signature