MX Linux Forum

Hello.

I have installed MX Linux 17.1 and i want to write for some issues with the installation of kernels with patches for Spectre, Meltdown and L1TF/Foreshadow.

From antiX kernels:

4.9.126 - In my desktop, it's the only that works and isn't vulnerable.

From this web page https://antixlinux.com/l1tf-foreshadow- ... available/, I try the 4.18.7 version. In my desktop with Nvidia driver 384.130 don't install the driver. In my notebook with and Intel works perfectly.


From MX linux:

This web page https://mxlinux.org/meltdown-spectre-news say: "2. MX 4.14 kernel (currently a patched 4.14.12)" have the patches. With Synaptic, I only found the antiX version and it's vulnerable, and I found some errors in the kern.log.

With "MX package installer", i try 4.14.0-3 (Debian 4.14.13-1~bpo9+1mx17+2) that have the patches but the "Spectre and Meltdown mitigation detection tool v0.40" say it's vulnerable.

Documents:

You will need the Nvidia drivers from our test repo or stretch-backports for newer kernels. This is a normal situation. Other out-of-tree drivers may also require a test repo version.

We also have backported Debian and Liquorix kernels in our test repo. Those currently stand at 4.18.10 and 4.18.12 respectively and are updated to the latest upstream versions as they come out. Those will give much better results in the spectre-meltdown-checker tests.

I also maintain those kernels in separate OBS repositories for Debian users that feel some qualms about adding our test repo with all its other packages...

https://build.opensuse.org/package/show ... uorix-4.18

https://build.opensuse.org/package/show ... ource-4.18

Thanks Stevo. I try with kernels and Nvidia driver from test repo.

Hello Steve.
I use "Nvidia driver install" from mx-tools to install version 390.87-2~bpo9+1 from test repo and "MX packages install" to install kernel 4.18.0-2-amd64 #1 SMP Debian 4.18.10-1~mx17+1 also from test repo and it working without problem and isn't vulnerable.

A curiosity only, why there is difference in the nomenclature of the kernel between MX (4.18.0-2) and Debian (4.18.10-1~mx17+1)?
Thanks.

Debian and Liquorix have long kernel names which have two different parts; you can see the whole name with the command: "uname -a" in the terminal. There are some technical reasons as to why they handle the names this way.

on further comparison and testing, the 4.18.7-antix.1-amd64-smp kernel seems to run cooler
and subjectively easier on the T430, and Not-Vulnerable according to
the spectre-meldown-checker.

So, I'll keep these two, the 4.18.7-antix.1 & the 4.9.126-antix.1 64-bit kernels which are both
Not-Vulnerable according to the s-m-c, while removing the 4.15 kernel
that still has a couple of Vulnerable sections for a while to see how it goes.
Actually, none of the kernels have presented a real problem, except for the spectre-meltdown-checker.

Hello Steve.
I don't refer to long names, i refer to numbers versions: for MX is 4.18.0 but for Debian is 4.18.10.