Page 1 of 22 12311 ... LastLast
Results 1 to 10 of 220

Thread: Meltdown and Spectre Discussion Sticky

  1. #1
    Join Date
    Apr 2015
    Beans
    22

    Meltdown and Spectre Discussion Sticky

    Which software kernel solves and protect server against hacking via Intels bug, please see:

    OVERVIEW: https://www.intel.com/content/www/us...-products.html

    NEWSROOM: https://newsroom.intel.com/news/inte...arch-findings/

    Is there a kernel availabe yet, where and which version?

    I was wondering if you would and could let me know

    DK

  2. #2
    Join Date
    Feb 2011
    Location
    Coquitlam, B.C. Canada
    Beans
    3,506
    Distro
    Ubuntu Development Release

    Re: kernel which solves Intel security problem

    For only 4 days now, Kernel 4.15-rc6 (release candidate 6) has the PIT (Page Isolation Table) stuff included. However, the default kernel configuration still has it disabled, so you would need to compile it yourself with CONFIG_PAGE_TABLE_ISOLATION=y (which I did yesterday). I believe it has also been backported to mainline kernel 4.11.13. I think it will still be awhile before Ubuntu kernels have this stuff.
    Any follow-up information on your issue would be appreciated. Please have the courtesy to report back.

  3. #3
    Join Date
    Jun 2009
    Location
    SW Forida
    Beans
    Hidden!
    Distro
    Kubuntu

    Re: kernel which solves Intel security problem

    More details on amount of performance hit. A lot less than the preliminary quoted 30%.

    https://www.phoronix.com/scan.php?pa...e-x86pti&num=1
    To see if your system is impacted (but it basically comes down to being Intel x86 CPUs or temporarily for AMD CPUs) can check for "cpu_insecure" on the bug line in the /proc/cpuinfo output if running the Linux 4.15-rc6 or later.
    When testing on AMD Ryzen but with PTI active, indeed, there is a similar performance hit to Intel. But if using a mainline kernel until that patch ends up being there, just reiterating you can boot your kernel with the "nopti" kernel parameter. Intel users can also opt for the nopti switch if they want to retain maximum performance, but it's a potential security risk. The Ryzen impact:
    UEFI boot install & repair info - Regularly Updated :
    https://ubuntuforums.org/showthread.php?t=2147295
    Please use Thread Tools above first post to change to [Solved] when/if answered completely.

  4. #4
    Join Date
    Apr 2011
    Location
    Mystletainn Kick!
    Beans
    13,596
    Distro
    Ubuntu

    Re: kernel which solves Intel security problem

    Ubuntu's current meltdown/spectre status:
    https://wiki.ubuntu.com/SecurityTeam...treAndMeltdown
    Splat Double Splat Triple Splat
    Earn Your Keep
    Don't mind me, I'm only passing through.
    Once in a blue moon, I'm actually helpful
    .

  5. #5
    Join Date
    Feb 2011
    Location
    Coquitlam, B.C. Canada
    Beans
    3,506
    Distro
    Ubuntu Development Release

    Re: kernel which solves Intel security problem

    Quote Originally Posted by oldfred View Post
    More details on amount of performance hit. A lot less than the preliminary quoted 30%.

    https://www.phoronix.com/scan.php?pa...e-x86pti&num=1
    I did some of those same phoronix tests yesterday: no change for kernel compile; 4.2% degradation for himeno test; no degradation for fs-mark test type 1 (1000 Files, 1MB Size); 16% degradation for fs-mark test type 3 (5000 Files, 1MB Size, 4 Threads).

    System: Ubuntu server, i7-2600k.
    Any follow-up information on your issue would be appreciated. Please have the courtesy to report back.

  6. #6
    Join Date
    Feb 2014
    Location
    Yes
    Beans
    298
    Distro
    Ubuntu 18.04 Bionic Beaver

    Meltdown and Spectre Ubuntu effects?

    Does anybody have any info or guesses as to what the Meltdown and Spectre microprocessor flaws mean to Ubuntu users?
    Last edited by QIII; January 4th, 2018 at 10:15 PM. Reason: Default font and color

  7. #7
    Join Date
    Feb 2010
    Location
    Obscurial Springs
    Beans
    15,204
    Distro
    Ubuntu Budgie Development Release

    Re: kernel which solves Intel security problem

    "Our intention creates our reality. "

    Ubuntu Documentation Search: Popular Pages
    Ubuntu: Security Basics
    Ubuntu: Flavors

  8. #8
    Join Date
    Nov 2009
    Beans
    Hidden!
    Distro
    Kubuntu 20.04 Focal Fossa

    Re: Meltdown and Spectre Ubuntu effects?

    meltdown affects those using intel, spectre affects those using all CPU, but looks like it is not that bad.

    keep your systems up to date. you can also setup unnatended upgrades for automatic patching as well as live patch for home use if needed.
    Read the easy to understand, lots of pics Ubuntu manual.
    Do i need antivirus/firewall in linux?
    Full disk backup (newer kernel -> suitable for newer PC): Clonezilla
    User friendly full disk backup: Rescuezilla

  9. #9
    Join Date
    Sep 2010
    Beans
    9,205
    Distro
    Ubuntu Budgie 17.10 Artful Aardvark

    Re: Meltdown and Spectre Ubuntu effects?

    Quote Originally Posted by ra7411 View Post
    Does anybody have any info or guesses as to what the Meltdown and Spectre microprocessor flaws mean to Ubuntu users?
    Basically it means "patch-city". As long as you keep updated it will keep the exploit vulnerability at bay but it will not eliminate the vulnerability as more methods are devised to crack it. This is a basic hardware flaw in many CPU designs.

    It is reported that "this will haunt us for some time.".

    Researchers have verified Spectre "breaks down the isolation between different applications" and will affect Intel, AMD and Arm.

    In a statement Arm said the majority of it's processors are not affected by Spectre or Meltdown but admitted it has been working with Intel , AMD and other partners to develop defences against the vulnerabilites......>

    Security patches exist for Linux, Windows and OSX but the fix can potentially slow down a PCs performance by 30%.

    source.. Hamza Shaban, The Washington Post with files from The Canadian Press

    Edit:
    Smartphones as well.

    http://windsorstar.com/pmn/business-...9-cbbd68c0e5cc
    Last edited by ventrical; January 5th, 2018 at 02:36 PM.

  10. #10
    Join Date
    Aug 2015
    Beans
    582

    Is Ubuntu really going to leave 32-bit users in the dust with Meltdown and Spectre?

    I was reading this article: Ubuntu will fix Meltdown and Spectre by January 9th and this is what caught my attention:

    According to Kirkland, Ubuntu users of “the 64-bit x86 architecture (aka, amd64)” can expect patched kernels, it’s unclear what will happen with 32-bit installs, though.
    I have two 32-bit computers are home, my Xubuntu desktop and my dad's Lubuntu laptop, both of which are still running great.

Page 1 of 22 12311 ... LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •