How to mitigate Spectre and Meltdown kernel memory leaking CPU bug on OpenBSD?
Clash Royale CLAN TAG#URR8PPP
up vote
11
down vote
favorite
Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign
and
Reading privileged memory with a side-channel
In recent news people could read about a kernel memory leaking CPU bug.
If using OpenBSD, how can we defend ourselves? Or OpenBSD isn't affected?
kernel security cpu openbsd memory-leaks
edited Jan 5 at 15:13
GAD3R
22.5k154894
asked Jan 5 at 14:18
whoonetets
209
add a comment |Â
up vote
11
down vote
favorite
Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign
and
Reading privileged memory with a side-channel
In recent news people could read about a kernel memory leaking CPU bug.
If using OpenBSD, how can we defend ourselves? Or OpenBSD isn't affected?
kernel security cpu openbsd memory-leaks
edited Jan 5 at 15:13
GAD3R
22.5k154894
asked Jan 5 at 14:18
whoonetets
209
1
A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
– baselab
Jan 5 at 14:29
1
undeadly.org/cgi?action=article;sid=20180106082238
– whoonetets
Jan 6 at 19:05
2
marc.info/?l=openbsd-tech&m=151521435721902
– whoonetets
Jan 6 at 19:05
add a comment |Â
up vote
11
down vote
favorite
up vote
11
down vote
favorite
Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign
and
Reading privileged memory with a side-channel
In recent news people could read about a kernel memory leaking CPU bug.
If using OpenBSD, how can we defend ourselves? Or OpenBSD isn't affected?
kernel security cpu openbsd memory-leaks
edited Jan 5 at 15:13
GAD3R
22.5k154894
asked Jan 5 at 14:18
whoonetets
209
Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign
and
Reading privileged memory with a side-channel
In recent news people could read about a kernel memory leaking CPU bug.
If using OpenBSD, how can we defend ourselves? Or OpenBSD isn't affected?
kernel security cpu openbsd memory-leaks
edited Jan 5 at 15:13
GAD3R
22.5k154894
asked Jan 5 at 14:18
whoonetets
209
edited Jan 5 at 15:13
GAD3R
22.5k154894
edited Jan 5 at 15:13
GAD3R
22.5k154894
edited Jan 5 at 15:13
GAD3R
22.5k154894
22.5k154894
asked Jan 5 at 14:18
whoonetets
209
asked Jan 5 at 14:18
whoonetets
209
asked Jan 5 at 14:18
whoonetets
209
209
1
A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
– baselab
Jan 5 at 14:29
1
undeadly.org/cgi?action=article;sid=20180106082238
– whoonetets
Jan 6 at 19:05
2
marc.info/?l=openbsd-tech&m=151521435721902
– whoonetets
Jan 6 at 19:05
add a comment |Â
1
A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
– baselab
Jan 5 at 14:29
1
undeadly.org/cgi?action=article;sid=20180106082238
– whoonetets
Jan 6 at 19:05
2
marc.info/?l=openbsd-tech&m=151521435721902
– whoonetets
Jan 6 at 19:05
1
1
A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
– baselab
Jan 5 at 14:29
A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
– baselab
Jan 5 at 14:29
1
1
undeadly.org/cgi?action=article;sid=20180106082238
– whoonetets
Jan 6 at 19:05
undeadly.org/cgi?action=article;sid=20180106082238
– whoonetets
Jan 6 at 19:05
2
2
marc.info/?l=openbsd-tech&m=151521435721902
– whoonetets
Jan 6 at 19:05
marc.info/?l=openbsd-tech&m=151521435721902
– whoonetets
Jan 6 at 19:05
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
3
down vote
CPU microcode update code for amd64
https://undeadly.org/cgi?action=article;sid=20180115073406
https://marc.info/?l=openbsd-tech&m=151588857304763&w=2
When you fw_update, you'll get the firmware files.
Upon a reboot, it will attempt to update the microcode on your cpus.
Maybe there isn't a new microcode. Maybe your BIOS has a copy of the
microcode and installs it before booting OpenBSD.
This firmware installation is done a little late. Doing it better
will require some work in the bootblocks to find the firmware files,
but time is a bit short to do that right now.
The branch-target-cache flushing features added in new microcode are
not being used yet. There is more code which has to be written, but
again other work is happening first.
Also, Intel is saying their new microcodes sucks and people should
wait a little.
"Hi, my name is Intel and I'm an cheating speculator".
So the current status: do a "fw_update" command as root and reboot.
answered Jan 15 at 9:57
whoonetets
209
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
3
down vote
CPU microcode update code for amd64
https://undeadly.org/cgi?action=article;sid=20180115073406
https://marc.info/?l=openbsd-tech&m=151588857304763&w=2
When you fw_update, you'll get the firmware files.
Upon a reboot, it will attempt to update the microcode on your cpus.
Maybe there isn't a new microcode. Maybe your BIOS has a copy of the
microcode and installs it before booting OpenBSD.
This firmware installation is done a little late. Doing it better
will require some work in the bootblocks to find the firmware files,
but time is a bit short to do that right now.
The branch-target-cache flushing features added in new microcode are
not being used yet. There is more code which has to be written, but
again other work is happening first.
Also, Intel is saying their new microcodes sucks and people should
wait a little.
"Hi, my name is Intel and I'm an cheating speculator".
So the current status: do a "fw_update" command as root and reboot.
answered Jan 15 at 9:57
whoonetets
209
add a comment |Â
up vote
3
down vote
CPU microcode update code for amd64
https://undeadly.org/cgi?action=article;sid=20180115073406
https://marc.info/?l=openbsd-tech&m=151588857304763&w=2
When you fw_update, you'll get the firmware files.
Upon a reboot, it will attempt to update the microcode on your cpus.
Maybe there isn't a new microcode. Maybe your BIOS has a copy of the
microcode and installs it before booting OpenBSD.
This firmware installation is done a little late. Doing it better
will require some work in the bootblocks to find the firmware files,
but time is a bit short to do that right now.
The branch-target-cache flushing features added in new microcode are
not being used yet. There is more code which has to be written, but
again other work is happening first.
Also, Intel is saying their new microcodes sucks and people should
wait a little.
"Hi, my name is Intel and I'm an cheating speculator".
So the current status: do a "fw_update" command as root and reboot.
answered Jan 15 at 9:57
whoonetets
209
add a comment |Â
up vote
3
down vote
up vote
3
down vote
CPU microcode update code for amd64
https://undeadly.org/cgi?action=article;sid=20180115073406
https://marc.info/?l=openbsd-tech&m=151588857304763&w=2
When you fw_update, you'll get the firmware files.
Upon a reboot, it will attempt to update the microcode on your cpus.
Maybe there isn't a new microcode. Maybe your BIOS has a copy of the
microcode and installs it before booting OpenBSD.
This firmware installation is done a little late. Doing it better
will require some work in the bootblocks to find the firmware files,
but time is a bit short to do that right now.
The branch-target-cache flushing features added in new microcode are
not being used yet. There is more code which has to be written, but
again other work is happening first.
Also, Intel is saying their new microcodes sucks and people should
wait a little.
"Hi, my name is Intel and I'm an cheating speculator".
So the current status: do a "fw_update" command as root and reboot.
answered Jan 15 at 9:57
whoonetets
209
CPU microcode update code for amd64
https://undeadly.org/cgi?action=article;sid=20180115073406
https://marc.info/?l=openbsd-tech&m=151588857304763&w=2
When you fw_update, you'll get the firmware files.
Upon a reboot, it will attempt to update the microcode on your cpus.
Maybe there isn't a new microcode. Maybe your BIOS has a copy of the
microcode and installs it before booting OpenBSD.
This firmware installation is done a little late. Doing it better
will require some work in the bootblocks to find the firmware files,
but time is a bit short to do that right now.
The branch-target-cache flushing features added in new microcode are
not being used yet. There is more code which has to be written, but
again other work is happening first.
Also, Intel is saying their new microcodes sucks and people should
wait a little.
"Hi, my name is Intel and I'm an cheating speculator".
So the current status: do a "fw_update" command as root and reboot.
answered Jan 15 at 9:57
whoonetets
209
answered Jan 15 at 9:57
whoonetets
209
answered Jan 15 at 9:57
whoonetets
209
answered Jan 15 at 9:57
whoonetets
209
209
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f414994%2fhow-to-mitigate-spectre-and-meltdown-kernel-memory-leaking-cpu-bug-on-openbsd%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
A quick search I found this: [marc.info/?l=openbsd-misc&m=118296441702631&w=2]
– baselab
Jan 5 at 14:29
1
undeadly.org/cgi?action=article;sid=20180106082238
– whoonetets
Jan 6 at 19:05
2
marc.info/?l=openbsd-tech&m=151521435721902
– whoonetets
Jan 6 at 19:05