Comment # 6 on bug 1163120 from
I suppose the confusion comes from this bug report being about other
vulnerabilities too (as seen in the initial attachment):

# with kernel-default:

- l1tf
- mds
- meltdown
- spectre store bypass
+ itlb multihit

# with kernel-pae (fewer but still not fully mitigated):

- mds
- spectre store bypass
+ itlb multihit

Considering this difference between kernel-default and kernel-pae + the fact
that the microcode is the same whether I use either kernel: I thought that some
of the vulnerabilities are not just a matter of microcode but kernel level
mitigations exists.

> So what exactly are you asking?

(1) After the above clarification, I suppose you can have a second look to my
previous question.

> > What about kernel-level mitigations? Are these impossible, i.e. is microcode
> > the only way to mitigate the remaining vulnerabilities?

(2) My other question is:

https://lkml.org/lkml/2019/12/8/205

*I understand (2) and the answer to it may be considered off-topic to this bug
report but I still hope you could shed some light on it too (in direct email is
fine too, if you think it would be more appropriate).


You are receiving this mail because: