On Tue, Jan 9, 2018 at 2:50 AM, Larry Stotler <larrystotler@gmail.com> wrote:
I can't seem to pin down whether the Core 2 or Pentium 4/Ms are affected by either of these issues. Most reports say since 1995 or Pentium Pro & Newer. Intel's list starts with the Core ix series and doesn't go back further. Of course I can't find the list on their site, but I found this one:
https://www.tweaktown.com/news/60411/heres-list-intel-cpus-affected-spectre-...
Also what about AMD? Their arch has differences. Is there a list for them? Athlon, AthlonXP, Athlon64?
I've read that even the POWER chips have a spectre vuln(which seems to be more mitigatable)..
While there seems to be a great deal of hype about all this, I have to wonder how easy it is to compromise a system. Most reports save having to already have access to the machine. If that's the case, then I think you are already in trouble. It's also hard to tell how long the spy agencies have known about this and been (ab)using it.
I dunno. I just can't see that much interest in mitigating this on older chips/systems(even though a lot of us find them perfectly usable). Looks like a forced upgrade is going to be contemplated for many even though it's really hard to tell how many other issues are going to be found all things considering. We could all rush out and get the "fixed" hardware when it's released only to end up in the same boat sooner or later.
HI, I use https://github.com/speed47/spectre-meltdown-checker My laptop use Intel i5. This is Tumbleweed 20180107 with kernel 4.14.12-1. The result is: CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1' * Checking count of LFENCE opcodes in kernel: YES (77 opcodes found, which is >= 70)
STATUS: NOT VULNERABLE (heuristic to be improved when official patches become available)
CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2' * Mitigation 1 * Hardware (CPU microcode) support for mitigation: NO * Kernel support for IBRS: YES * IBRS enabled for Kernel space: UNKNOWN * IBRS enabled for User space: UNKNOWN * Mitigation 2 * Kernel compiled with retpoline option: NO * Kernel compiled with a retpoline-aware compiler: NO
STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)
CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3' * Kernel supports Page Table Isolation (PTI): YES * PTI enabled and active: YES
STATUS: NOT VULNERABLE (PTI mitigates the vulnerability)
It is still vulnerable for Spectre Variant 2 with mitigation 2. Regards, -- Edwin -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org