PS:
The microcode has not that much impact regarding Spectre mitigation, as I thought.
[rocketmouse@archlinux ~]$ grep 'no micro' /boot/syslinux/syslinux.cfg -A4
MENU LABEL Arch Linux Rt Securityink no micro
LINUX ../vmlinuz-linux-rt-securityink
APPEND root=LABEL=s3.archlinux ro
INITRD ../initramfs-linux-rt-securityink.img
[rocketmouse@archlinux ~]$ ls -l /sys/devices/system/cpu/vulnerabilities/*
-r--r--r-- 1 root root 4096 Sep 15 02:28 /sys/devices/system/cpu/vulnerabilities/l1tf
-r--r--r-- 1 root root 4096 Sep 15 02:28 /sys/devices/system/cpu/vulnerabilities/meltdown
-r--r--r-- 1 root root 4096 Sep 15 02:28 /sys/devices/system/cpu/vulnerabilities/spec_store_bypass
-r--r--r-- 1 root root 4096 Sep 15 02:28 /sys/devices/system/cpu/vulnerabilities/spectre_v1
-r--r--r-- 1 root root 4096 Sep 15 02:28 /sys/devices/system/cpu/vulnerabilities/spectre_v2
[rocketmouse@archlinux ~]$ cat /sys/devices/system/cpu/vulnerabilities/*
Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT disabled
Mitigation: PTI
Vulnerable
Mitigation: __user pointer sanitization
Mitigation: Full generic retpoline
##################################################################################################
[rocketmouse@archlinux ~]$ grep 'Securityink nopt^i' /boot/syslinux/syslinux.cfg -A4
MENU LABEL Arch Linux Rt Securityink nopt^i
LINUX ../vmlinuz-linux-rt-securityink
APPEND root=LABEL=s3.archlinux ro nopti
INITRD ../intel-ucode.img,../initramfs-linux-rt-securityink.img
[rocketmouse@archlinux ~]$ ls -l /sys/devices/system/cpu/vulnerabilities/*
-r--r--r-- 1 root root 4096 Sep 15 02:33 /sys/devices/system/cpu/vulnerabilities/l1tf
-r--r--r-- 1 root root 4096 Sep 15 02:33 /sys/devices/system/cpu/vulnerabilities/meltdown
-r--r--r-- 1 root root 4096 Sep 15 02:33 /sys/devices/system/cpu/vulnerabilities/spec_store_bypass
-r--r--r-- 1 root root 4096 Sep 15 02:33 /sys/devices/system/cpu/vulnerabilities/spectre_v1
-r--r--r-- 1 root root 4096 Sep 15 02:33 /sys/devices/system/cpu/vulnerabilities/spectre_v2
[rocketmouse@archlinux ~]$ cat /sys/devices/system/cpu/vulnerabilities/*
Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT disabled
Vulnerable
Mitigation: Speculative Store Bypass disabled via prctl and seccomp
Mitigation: __user pointer sanitization
Mitigation: Full generic retpoline, IBPB, IBRS_FW
_______________________________________________
Linux-audio-user mailing list
Linux-audio-user@lists.linuxaudio.org
https://lists.linuxaudio.org/listinfo/linux-audio-user
Received on Sat Sep 15 04:15:01 2018
This archive was generated by hypermail 2.1.8 : Sat Sep 15 2018 - 04:15:01 EEST