Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit

To: debian-italian@lists.debian.org
Subject: Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
From: Davide Prina <davide.prina@gmail.com>
Date: Fri, 5 Jan 2018 11:04:35 +0100
Message-id: <[🔎] 7259e23d-7ed6-a719-adef-4567ae374f1b@gmail.com>
Reply-to: debian-italian <debian-italian@lists.debian.org>
In-reply-to: <[🔎] fb6g35Fdvi5U1@mid.individual.net>
References: <6b3d9754ebe82451687f6c53d48deefc@ssl.ombos.raceme.org> <[🔎] 5841ffdc-0cce-89bf-15e6-55e4c0d697a8@gmail.com> <[🔎] fb47eiFsadjU1@mid.individual.net> <[🔎] c084c9b3-b0f0-d758-6fdd-ca5252661dc6@gmail.com> <[🔎] 7c009226b47fe4bb9dc146a3cdf48a16.squirrel@student-web1.dm.unipi.it> <[🔎] fb6g35Fdvi5U1@mid.individual.net>

On 04/01/2018 12:05, Alessandro Pellizzari wrote:

Inizia a diradarsi la nebbia.

https://meltdownattack.com/
A quanto pare le vulnerabilità sono due: Meltdown (solo Intel e ARM,facile da sfruttare e facile da risolvere a lovello kernel, madiminuisce le prestazioni) e Spectre (tutte le CPU prodotte negli ultimi20 anni tranne rare eccezioni tipo Itanium e alcuni Atom, difficile dasfruttare, praticamente impossibile da patchare a livello software)

è arrivata la patch per meldown per Stretch con la versione4.9.65-3+deb9u2 di Linux.


Per Jessie dovrebbe arrivare successivamente.

Chi fa l'upgrade può aggiornarci su come vanno le prestazioni.

Inoltre è possibile non attivare la patch:

This solution might have a performance impact, and can be disabled atboot time by passing `pti=off' to the kernel command line.


Poi è stata trovata anche una regressione:

We also identified a regression for ancient userspaces using thevsyscall interface, for example chroot and containers using (e)glibc2.13 and older, including those based on Debian 7 or RHEL/CentOS 6. Thisregression will be fixed in a later update.


Ciao
Davide

--
Dizionari: http://linguistico.sourceforge.net/wiki
Database: http://www.postgresql.org
GNU/Linux User: 302090: http://counter.li.org
Non autorizzo la memorizzazione del mio indirizzo su outlook

Reply to:

Follow-Ups:
- Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
  - From: Portobello <c.portobello@fastwebnet.it>
- Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
  - From: Enrico Agliotti <enrico.agliotti@gmail.com>

References:
- Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
  - From: Davide Prina <davide.prina@gmail.com>
- Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
  - From: Alessandro Pellizzari <shuriken@amiran.it>
- Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
  - From: Giornale di Sistema <giornaledisistema@gmail.com>
- Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
  - From: "Marco Bodrato" <bodrato@mail.dm.unipi.it>
- Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
  - From: Alessandro Pellizzari <shuriken@amiran.it>

Prev by Date: Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
Next by Date: Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
Previous by thread: Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
Next by thread: Re: Fwd: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit
Index(es):
- Date
- Thread