On Sat, 10 Feb 2018 16:00:14 +0100 Ralf Mardorf <ralf.mardorf@xxxxxxxxxxxxx> wrote: > cat /sys/devices/system/cpu/vulnerabilities/* Mitigation: PTI > Mitigation: __user pointer sanitization > Mitigation: Full generic retpoline > > ...means that they are enabled? Yes, how well they protect the system is of course another question, and I'm not 100% sure where the Intel ucode fits in all this. But it seems fairly clear that Intel dropped the ball on all of this including firmware updates... -- Joakim
