Advertising

Linux kernel 4.15.2

 

There is an update of Linux kernel of the 4.15.x – 4.15.2 available in Sparky repos.

The biggest change, comparing to 4.15.1 is patching the Spectre issue (v1).

The Sparky’s Linux kernel is available in Sparky “unstable” repository, so enabled it to upgrade (if you have older version already installed) or to make fresh installation:
https://sparkylinux.org/wiki/doku.php/repository

Follow the Wiki page: https://sparkylinux.org/wiki/doku.php/linux_kernel to install the latest Sparky’s Linux kernel.

It requires rebooting to take effects.

So, looks like the Meltdown (CVE-2017-5754), Spectre v1 (CVE-2017-5753) & v2 (CVE-2017-5715) issues are patched in the latest kernel now.

How to check your present Linux kernel of the Meltdown and Spectre issues?
1. Install ‘spectre-meltdown-checker’ package from Debian’s repository:
sudo apt update
sudo apt install spectre-meltdown-checker

and run it:
sudo spectre-meltdown-checker
This is a screenshot of the checker from my Sparky 5 / Debian testing “Buster” amd64 OS.

Spectre & Meltdown checker

 

Linux kernel 4.15.0 updated

 

There is an update of Linux kernel of the 4.15.0 – 4.15.0-2 available in Sparky repos.

The latest kernel has been rebuilt with GCC 7.3 to fix (as much as possible) the Spectre issue (v2 now).

The Sparky’s Linux kernel is available in Sparky “unstable” repository, so enabled it to upgrade (if you have older version already installed) or to make fresh installation:
https://sparkylinux.org/wiki/doku.php/repository

Follow the Wiki page: https://sparkylinux.org/wiki/doku.php/linux_kernel to install the latest Sparky’s Linux kernel.

It requires reboot to take effects.

How to check your present Linux kernel of the Meltdown and Spectre issues?
1. Install ‘spectre-meltdown-checker’ package from Debian’s repository:
sudo apt update
sudo apt install spectre-meltdown-checker

and run it:
sudo spectre-meltdown-checker
This is a screenshot of the checker from my Sparky 5 / Debian testing “Buster” amd64 laptop.

Spectre & Meltdown checker

So it means we are one more step ahead 🙂

 

Linux kernel 4.15.0

 

The first version of Linux kernel of the 4.15 line – 4.15.0 just landed in Sparky “unstable” repository.

The Sparky’s Linux kernel is available in Sparky “unstable” repository, so enabled it to upgrade (if you have older version already installed) or to make fresh installation:
https://sparkylinux.org/wiki/doku.php/repository

Follow the Wiki page: https://sparkylinux.org/wiki/doku.php/linux_kernel to install the latest Sparky’s Linux kernel.

Then reboot your machine to take effects.

To quick remove older version of the Linux kernel, simply run APTus-> Remove-> Uninstall Old Kernel tool.

Sparky’s kernel 4.15.0 doesn’t provide a fix of the Spectre issue yet.
Why not?

The most important is the proper compiler, means GCC 7.3 or 8.0 which is not available in Debian’s testing/unstable repository yet (we use 7.2 now).

As Greg Kroah-Hartman said:

This X86_FEATURE_RETPOLINE is enabled for all AMD/Intel CPUs. For full support you also need to be building the kernel with a newer GCC compiler containing -mindirect-branch=thunk-extern support. The GCC changes landed in GCC 8.0 yesterday and is in the process of potentially being back-ported to GCC 7.3.

So we have to wait…

How to check your present Linux kernel of the Meltdown and Spectre issues?
1. Install ‘spectre-meltdown-checker’ package from Debian’s repository:
sudo apt update
sudo apt install spectre-meltdown-checker

and run it:
sudo spectre-meltdown-checker
2.
cat /proc/cpuinfo | grep bugs
3.
cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
cat /sys/devices/system/cpu/vulnerabilities/meltdown

More info about the kernel 4.15 from Linus: lkml.org/lkml/2018/1/28/173

 

Advertising