Linux ante Meltdown y Spectre

Iniciado por Slava_TZD, 8 Enero 2018, 15:47 PM

0 Miembros y 1 Visitante están viendo este tema.

Slava_TZD

Lectura obligatoria para todos los amantes del pingüino: Meltdown and Spectre Linux Kernel Status

TL;DR

Cita de: http://kroah.com/log/blog/2018/01/06/meltdown-status/If your Linux systems are running a normal Linux distribution, go update your kernel. And then keep updating them over the next few weeks. If your distro does not have kernel updates, then I strongly suggest changing distros right now.

Cita de: http://kroah.com/log/blog/2018/01/06/meltdown-status/Meltdown – x86
Linus's kernel tree contains all of the fixes we currently know about to handle the Meltdown vulnerability for the x86 architecture. Go enable the CONFIG_PAGE_TABLE_ISOLATION kernel build option and rebuild.

Cita de: http://kroah.com/log/blog/2018/01/06/meltdown-status/Spectre
the status is there is no fixes merged into any upstream tree for these types of issues yet...Because of all of this, it is going to take us in the kernel community a few weeks to resolve these issues and get them merged upstream. The fixes are coming in to various subsystems all over the kernel, and will be collected and released in the stable kernel updates as they are merged...


The fact is, even if you were to stop bombing us, imprisoning us, torturing us, vilifying us, and usurping our lands, we would continue to hate you because our primary reason for hating you will not cease to exist until you embrace Islam.

Slava_TZD

Por si alguien está interesado ya es posible mitigar branch target injection aka spectre2 compilando el núcleo con gcc 7.3 y CONFIG_RETPOLINE.


The fact is, even if you were to stop bombing us, imprisoning us, torturing us, vilifying us, and usurping our lands, we would continue to hate you because our primary reason for hating you will not cease to exist until you embrace Islam.