On 16/03/18 18:24, Fred Smith wrote:
Hi all!
I'm running an up-to-date Centos-7 on an AMD Vishera 6300, 6 core CPU.
What kernel are you running (uname -r)?
I note that when I run the redhat script to test for spectre & meltdown
I get this result for variant 2:
Variant #2 (Spectre): Vulnerable
CVE-2017-5715 - speculative execution branch target injection
- Kernel with mitigation patches: OK
- HW support / updated microcode: NO
- IBRS: Not disabled on kernel commandline
- IBPB: Not disabled on kernel commandline
and when I run the one from github I get this:
CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigated according to the /sys interface: NO (kernel confirms your system is vulnerable)
* Mitigation 1
* Kernel is compiled with IBRS/IBPB support: YES
* Currently enabled features
* IBRS enabled for Kernel space: NO
* IBRS enabled for User space: NO
* IBPB enabled: NO
* Mitigation 2
* Kernel compiled with retpoline option: YES
* Kernel compiled with a retpoline-aware compiler: UNKNOWN
STATUS: VULNERABLE (Vulnerable: Retpoline without IBPB)
So, I"m wondering:
1. has RH in fact released mitigations for this issue for AMD processors, and
2. has AMD released microcode updates for this?
I have no idea how to query AMD with such a question, anybody here know?
Thanks in advance!
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
