How to mitigate Spectre and Meltdown kernel memory leaking CPU bug on OpenBSD?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
11
down vote

favorite
4












Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign



and



Reading privileged memory with a side-channel



In recent news people could read about a kernel memory leaking CPU bug.



If using OpenBSD, how can we defend ourselves? Or OpenBSD isn't affected?







share|improve this question


















  • 1




    A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
    – baselab
    Jan 5 at 14:29






  • 1




    undeadly.org/cgi?action=article;sid=20180106082238
    – whoonetets
    Jan 6 at 19:05






  • 2




    marc.info/?l=openbsd-tech&m=151521435721902
    – whoonetets
    Jan 6 at 19:05














up vote
11
down vote

favorite
4












Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign



and



Reading privileged memory with a side-channel



In recent news people could read about a kernel memory leaking CPU bug.



If using OpenBSD, how can we defend ourselves? Or OpenBSD isn't affected?







share|improve this question


















  • 1




    A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
    – baselab
    Jan 5 at 14:29






  • 1




    undeadly.org/cgi?action=article;sid=20180106082238
    – whoonetets
    Jan 6 at 19:05






  • 2




    marc.info/?l=openbsd-tech&m=151521435721902
    – whoonetets
    Jan 6 at 19:05












up vote
11
down vote

favorite
4









up vote
11
down vote

favorite
4






4





Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign



and



Reading privileged memory with a side-channel



In recent news people could read about a kernel memory leaking CPU bug.



If using OpenBSD, how can we defend ourselves? Or OpenBSD isn't affected?







share|improve this question














Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign



and



Reading privileged memory with a side-channel



In recent news people could read about a kernel memory leaking CPU bug.



If using OpenBSD, how can we defend ourselves? Or OpenBSD isn't affected?









share|improve this question













share|improve this question




share|improve this question








edited Jan 5 at 15:13









GAD3R

22.5k154894




22.5k154894










asked Jan 5 at 14:18









whoonetets

209




209







  • 1




    A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
    – baselab
    Jan 5 at 14:29






  • 1




    undeadly.org/cgi?action=article;sid=20180106082238
    – whoonetets
    Jan 6 at 19:05






  • 2




    marc.info/?l=openbsd-tech&m=151521435721902
    – whoonetets
    Jan 6 at 19:05












  • 1




    A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
    – baselab
    Jan 5 at 14:29






  • 1




    undeadly.org/cgi?action=article;sid=20180106082238
    – whoonetets
    Jan 6 at 19:05






  • 2




    marc.info/?l=openbsd-tech&m=151521435721902
    – whoonetets
    Jan 6 at 19:05







1




1




A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
– baselab
Jan 5 at 14:29




A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
– baselab
Jan 5 at 14:29




1




1




undeadly.org/cgi?action=article;sid=20180106082238
– whoonetets
Jan 6 at 19:05




undeadly.org/cgi?action=article;sid=20180106082238
– whoonetets
Jan 6 at 19:05




2




2




marc.info/?l=openbsd-tech&m=151521435721902
– whoonetets
Jan 6 at 19:05




marc.info/?l=openbsd-tech&m=151521435721902
– whoonetets
Jan 6 at 19:05










1 Answer
1






active

oldest

votes

















up vote
3
down vote













CPU microcode update code for amd64



https://undeadly.org/cgi?action=article;sid=20180115073406



https://marc.info/?l=openbsd-tech&m=151588857304763&w=2




When you fw_update, you'll get the firmware files.



Upon a reboot, it will attempt to update the microcode on your cpus.
Maybe there isn't a new microcode. Maybe your BIOS has a copy of the
microcode and installs it before booting OpenBSD.



This firmware installation is done a little late. Doing it better
will require some work in the bootblocks to find the firmware files,
but time is a bit short to do that right now.



The branch-target-cache flushing features added in new microcode are
not being used yet. There is more code which has to be written, but
again other work is happening first.



Also, Intel is saying their new microcodes sucks and people should
wait a little.



"Hi, my name is Intel and I'm an cheating speculator".




So the current status: do a "fw_update" command as root and reboot.






share|improve this answer




















    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );








     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f414994%2fhow-to-mitigate-spectre-and-meltdown-kernel-memory-leaking-cpu-bug-on-openbsd%23new-answer', 'question_page');

    );

    Post as a guest






























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    3
    down vote













    CPU microcode update code for amd64



    https://undeadly.org/cgi?action=article;sid=20180115073406



    https://marc.info/?l=openbsd-tech&m=151588857304763&w=2




    When you fw_update, you'll get the firmware files.



    Upon a reboot, it will attempt to update the microcode on your cpus.
    Maybe there isn't a new microcode. Maybe your BIOS has a copy of the
    microcode and installs it before booting OpenBSD.



    This firmware installation is done a little late. Doing it better
    will require some work in the bootblocks to find the firmware files,
    but time is a bit short to do that right now.



    The branch-target-cache flushing features added in new microcode are
    not being used yet. There is more code which has to be written, but
    again other work is happening first.



    Also, Intel is saying their new microcodes sucks and people should
    wait a little.



    "Hi, my name is Intel and I'm an cheating speculator".




    So the current status: do a "fw_update" command as root and reboot.






    share|improve this answer
























      up vote
      3
      down vote













      CPU microcode update code for amd64



      https://undeadly.org/cgi?action=article;sid=20180115073406



      https://marc.info/?l=openbsd-tech&m=151588857304763&w=2




      When you fw_update, you'll get the firmware files.



      Upon a reboot, it will attempt to update the microcode on your cpus.
      Maybe there isn't a new microcode. Maybe your BIOS has a copy of the
      microcode and installs it before booting OpenBSD.



      This firmware installation is done a little late. Doing it better
      will require some work in the bootblocks to find the firmware files,
      but time is a bit short to do that right now.



      The branch-target-cache flushing features added in new microcode are
      not being used yet. There is more code which has to be written, but
      again other work is happening first.



      Also, Intel is saying their new microcodes sucks and people should
      wait a little.



      "Hi, my name is Intel and I'm an cheating speculator".




      So the current status: do a "fw_update" command as root and reboot.






      share|improve this answer






















        up vote
        3
        down vote










        up vote
        3
        down vote









        CPU microcode update code for amd64



        https://undeadly.org/cgi?action=article;sid=20180115073406



        https://marc.info/?l=openbsd-tech&m=151588857304763&w=2




        When you fw_update, you'll get the firmware files.



        Upon a reboot, it will attempt to update the microcode on your cpus.
        Maybe there isn't a new microcode. Maybe your BIOS has a copy of the
        microcode and installs it before booting OpenBSD.



        This firmware installation is done a little late. Doing it better
        will require some work in the bootblocks to find the firmware files,
        but time is a bit short to do that right now.



        The branch-target-cache flushing features added in new microcode are
        not being used yet. There is more code which has to be written, but
        again other work is happening first.



        Also, Intel is saying their new microcodes sucks and people should
        wait a little.



        "Hi, my name is Intel and I'm an cheating speculator".




        So the current status: do a "fw_update" command as root and reboot.






        share|improve this answer












        CPU microcode update code for amd64



        https://undeadly.org/cgi?action=article;sid=20180115073406



        https://marc.info/?l=openbsd-tech&m=151588857304763&w=2




        When you fw_update, you'll get the firmware files.



        Upon a reboot, it will attempt to update the microcode on your cpus.
        Maybe there isn't a new microcode. Maybe your BIOS has a copy of the
        microcode and installs it before booting OpenBSD.



        This firmware installation is done a little late. Doing it better
        will require some work in the bootblocks to find the firmware files,
        but time is a bit short to do that right now.



        The branch-target-cache flushing features added in new microcode are
        not being used yet. There is more code which has to be written, but
        again other work is happening first.



        Also, Intel is saying their new microcodes sucks and people should
        wait a little.



        "Hi, my name is Intel and I'm an cheating speculator".




        So the current status: do a "fw_update" command as root and reboot.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Jan 15 at 9:57









        whoonetets

        209




        209






















             

            draft saved


            draft discarded


























             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f414994%2fhow-to-mitigate-spectre-and-meltdown-kernel-memory-leaking-cpu-bug-on-openbsd%23new-answer', 'question_page');

            );

            Post as a guest













































































            Popular posts from this blog

            How to check contact read email or not when send email to Individual?

            Displaying single band from multi-band raster using QGIS

            How many registers does an x86_64 CPU actually have?