The latest bad news.

For interesting topics. But remember this is a Linux Forum. Do not post offensive topics that are meant to cause trouble with other members or are derogatory towards people of different genders, race, color, minors (this includes nudity and sex), politics or religion. Let's try to keep peace among the community and for visitors.

No spam on this or any other forums please! If you post advertisements on these forums, your account may be deleted.

Do not copy and paste entire or even up to half of someone else's words or articles into posts. Post only a few sentences or a paragraph and make sure to include a link back to original words or article. Otherwise it's copyright infringement.

You can talk about other distros here, but no MX bashing. You can email the developers of MX if you just want to say you dislike or hate MX.
Message
Author
User avatar
Stevo
Developer
Posts: 12774
Joined: Fri Dec 15, 2006 8:07 pm

Re: The latest bad news.

#31 Post by Stevo »

v3g4n wrote:

Code: Select all

m3lst4d@darkstar~\:=> grep isolation /var/log/messages
Jan  3 21:29:39 darkstar kernel: [    0.000000] Kernel/User page tables isolation: enabled
m3lst4d@darkstar~\:=>
Time will tell if there is any noticeable performance hit from normal desktop use.
Hmmm...which kernel is showing you that message? I can't get it with the Liquorix 4.14-10 kernel.

Edit: seems like Liquorix has page table isolation turned off for some reason. Let me see how much smoke comes out if I enable it and rebuild the kernel...

User avatar
v3g4n
Posts: 654
Joined: Sat Jan 16, 2016 8:20 pm

Re: The latest bad news.

#32 Post by v3g4n »

That is from vanilla 4.14.11 w/ page tables isolation enabled.

User avatar
Stevo
Developer
Posts: 12774
Joined: Fri Dec 15, 2006 8:07 pm

Re: The latest bad news.

#33 Post by Stevo »

v3g4n wrote:That is from vanilla 4.14.11 w/ page tables isolation enabled.
OK, I just rebuilt the 4.14-11 Liquorix kernel with that enabled, and I now get the same message. No smoke pouring out of my machine yet.

User avatar
anticapitalista
Developer
Posts: 4160
Joined: Sat Jul 15, 2006 10:40 am

Re: The latest bad news.

#34 Post by anticapitalista »

Where did you get the patch(es)?
anticapitalista
Reg. linux user #395339.

Philosophers have interpreted the world in many ways; the point is to change it.

antiX with runit - lean and mean.
https://antixlinux.com

dr-kart
Posts: 135
Joined: Sun Oct 22, 2017 8:12 pm

Re: The latest bad news.

#35 Post by dr-kart »

...would be interesting to assess patch impact here.
For instance

Code: Select all

dd if=/dev/zero of=/tmp/testfile bs=512 count=5000000
before and after patching

User avatar
anticapitalista
Developer
Posts: 4160
Joined: Sat Jul 15, 2006 10:40 am

Re: The latest bad news.

#36 Post by anticapitalista »

v3g4n wrote:That is from vanilla 4.14.11 w/ page tables isolation enabled.
v3g4n, are you saying that the 4.14.11 kernel from https://www.kernel.org/ has already fixed 'meltdown' and 'spectre?
anticapitalista
Reg. linux user #395339.

Philosophers have interpreted the world in many ways; the point is to change it.

antiX with runit - lean and mean.
https://antixlinux.com

User avatar
Stevo
Developer
Posts: 12774
Joined: Fri Dec 15, 2006 8:07 pm

Re: The latest bad news.

#37 Post by Stevo »

anticapitalista wrote:
v3g4n wrote:That is from vanilla 4.14.11 w/ page tables isolation enabled.
v3g4n, are you saying that the 4.14.11 kernel from https://www.kernel.org/ has already fixed 'meltdown' and 'spectre?
Yes, the patches were incorporated into the standard 4.14.10 kernel patchset, but KPTI still must be enabled in the configuration. Users can still boot without it with "nopti".

User avatar
v3g4n
Posts: 654
Joined: Sat Jan 16, 2016 8:20 pm

Re: The latest bad news.

#38 Post by v3g4n »

Yes, it sounds like it was a planned feature for 4.15, but it has since been backported to 4.14.11.

http://news.softpedia.com/news/linux-ke ... 9215.shtml

https://betanews.com/2018/01/03/meltdow ... pocalypse/

You can also find commits for page table isolation in the changelog.
https://cdn.kernel.org/pub/linux/kernel ... og-4.14.11

So far it looks like this is the kernel version that openSUSE Tumbleweed, Arch and Fedora have changed to quickly since the announcement. openSUSE Leap is coming out with a patched 4.4 from SUSE. Hopefully Debian rolls something out quickly as well. :crossfingers:
Last edited by v3g4n on Thu Jan 04, 2018 6:19 pm, edited 1 time in total.

User avatar
anticapitalista
Developer
Posts: 4160
Joined: Sat Jul 15, 2006 10:40 am

Re: The latest bad news.

#39 Post by anticapitalista »

Thanks.
That linux kernel was updated on 2 Jan, but news of 'meltdown' seemed to surface afterwards....
anticapitalista
Reg. linux user #395339.

Philosophers have interpreted the world in many ways; the point is to change it.

antiX with runit - lean and mean.
https://antixlinux.com

dr-kart
Posts: 135
Joined: Sun Oct 22, 2017 8:12 pm

Re: The latest bad news.

#40 Post by dr-kart »

As far as I'm concerned

meltdown - (intel CPUs are vulnerable. AMD owners can ignore)
patch for debian kernel (4.9.65-3+deb9u2) is in sources already
https://security-tracker.debian.org/tra ... -2017-5754

spectre - 100% resolution is in future hardware. So would never get fixed via soft only.
Still hoping for new updated microcode to arrive anyway ).
And imho it's too much fuss here. Amazon cloud etc. should be nervous for sure. Not us. Btw spectre is much harder to exploit in real life.

PS (easy explanation of the story)
https://arstechnica.com/gadgets/2018/01 ... ity-flaws/

Post Reply

Return to “General”