January 2, 20188 yr upgraded to latest, no problems so far. also I'll just leave this here: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ -- https://lkml.org/lkml/2017/12/27/2 Edited January 2, 20188 yr by zoggy
January 2, 20188 yr FTA: Quote AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault. AMD shouldn't get too smug about this since at least Intel's latest chips don't randomly hang.
January 3, 20188 yr I don't think AMD's response seems at all smug. AMD just want to make sure that the slowdown patch doesn't get applied to a system running on any of their processors. Any spin you may perceive in the Register article is, I think, due to the somewhat sarcastic tone in which most articles on that site are written - it's something of a house style there. That said, it's a pretty jaw-dropping error on Intel's part.
January 4, 20188 yr In addition to Intel, apparently AMD and ARM are also affected. Turns out there are two separate vulnerabilities, now with their own website and nifty icons! https://spectreattack.com/ A little light reading on the technical description: https://googleprojectzero.blogspot.co.at/2018/01/reading-privileged-memory-with-side.html Linus weighs in https://lwn.net/Articles/742764/
January 4, 20188 yr Its just confusion right now. I would like to get some sort of idea how it would affect Unraid and also what virtual machine activities would be affected. I think they are reverse patching the beta Unraid kernel. Also if running a virtual machine, does this mean that we would get patched twice, once in the Unraid kernel, and another in the virtual machine kernel? As we know more, it would be great if Lime could put together some sort of FAQ. One thing that irks me is that I just ordered an older server e5-2630 based, which I don't think has the PCID feature. Any idea if Lime is going to make this kernel patch optional? It would be useful if one used Unraid for mainly a file server. I am surprised there isn't more of a discussion here.
January 4, 20188 yr 3 minutes ago, Airmaster said: Any idea if Lime is going to make this kernel patch optional? It would be useful if one used Unraid for mainly a file server. We have to wait and see how the final patch set gets implemented.
January 4, 20188 yr 3 hours ago, Airmaster said: I am surprised there isn't more of a discussion here. There is currently so little do discuss. The patches that have been presented have redacted source code comments, to make them hard to read and understand. I think the debate will not heat up until sometime next week when the big dragons will let lose much more information. The bad thing here is that we are talking about two separate security problems. One affecting lots of Intel chips, and with an existing workaround that we don't know exactly how costly it will be. And the second security issue, where no one knows how to protect all the chips that has speculative execution, which is just about any chip that is at least one or two steps above the microcontrollers used in or microwave ovens. The last 12 months have been the worst in history when it comes to security issues, and it doesn't help that a number of issues are hardware-related.
Archived
This topic is now archived and is closed to further replies.