[plamo:34193] Re: linux-6.1.46 & mitigations=off

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[plamo:34193] Re: linux-6.1.46 & mitigations=off

From:KOJIMA Mitsuhiro

Date:Fri, 18 Aug 2023 20:36:40 +0900 (JST)

Subject: [plamo:34193] Re: linux-6.1.46 & mitigations=off
From: KOJIMA Mitsuhiro <kojima@xxxxxxxxxxx>
Date: Fri, 18 Aug 2023 20:36:39 +0900 (JST)

From: KOJIMA Mitsuhiro <kojima@xxxxxxxxxxx>
Subject: [plamo:34192] linux-6.1.46 & mitigations=off
Date: Fri, 18 Aug 2023 20:19:34 +0900 (JST)

> このパラメータを指定するには grub.cfg でカーネルを読み込む行に
> 
>  echo	'Linux 6.1.46-plamo64 をロード中...'
>  linux	/boot/vmlinuz-6.1.46-plamo64 root=UUID=xxxx... ro net.ifnames=0 net.ifnames=0 mitigations=off quiet
> 
> と追加すればいいようです．
> 
> 最近のカーネルは何か重いな，と感じる人(私もそうだった ^^;)はお試しあれ．
> 

ちなみに最近のカーネル(いつからかは調べてない)だと
/sys/devices/system/cpu/vulnerabilites/ というディレクトリがあり，
それぞれの脆弱性に対する対応状況を表示してくれます．

6.1.46 で試したところ，mitigations 有効(デフォルト)ならば，

/sys/devices/system/cpu/vulnerabilities/gather_data_sampling
Not affected

/sys/devices/system/cpu/vulnerabilities/itlb_multihit
Not affected

/sys/devices/system/cpu/vulnerabilities/l1tf
Not affected

/sys/devices/system/cpu/vulnerabilities/mds
Not affected

/sys/devices/system/cpu/vulnerabilities/meltdown
Not affected

/sys/devices/system/cpu/vulnerabilities/mmio_stale_data
Not affected

/sys/devices/system/cpu/vulnerabilities/retbleed
Mitigation: IBPB; SMT vulnerable

/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow
Mitigation: IBPB

/sys/devices/system/cpu/vulnerabilities/spec_store_bypass
Mitigation: Speculative Store Bypass disabled via prctl

/sys/devices/system/cpu/vulnerabilities/spectre_v1
Mitigation: usercopy/swapgs barriers and __user pointer sanitization

/sys/devices/system/cpu/vulnerabilities/spectre_v2
Vulnerable, IBPB: conditional, STIBP: disabled, RSB filling, PBRSB-eIBRS: Not affected

/sys/devices/system/cpu/vulnerabilities/srbds
Not affected

/sys/devices/system/cpu/vulnerabilities/tsx_async_abort
Not affected

となり，mitigations=off すると，

/sys/devices/system/cpu/vulnerabilities/gather_data_sampling
Not affected

/sys/devices/system/cpu/vulnerabilities/itlb_multihit
Not affected

/sys/devices/system/cpu/vulnerabilities/l1tf
Not affected

/sys/devices/system/cpu/vulnerabilities/mds
Not affected

/sys/devices/system/cpu/vulnerabilities/meltdown
Not affected

/sys/devices/system/cpu/vulnerabilities/mmio_stale_data
Not affected

/sys/devices/system/cpu/vulnerabilities/retbleed
Vulnerable

/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow
Vulnerable

/sys/devices/system/cpu/vulnerabilities/spec_store_bypass
Vulnerable

/sys/devices/system/cpu/vulnerabilities/spectre_v1
Vulnerable: __user pointer sanitization and usercopy barriers only; no swapgs barriers

/sys/devices/system/cpu/vulnerabilities/spectre_v2
Vulnerable, IBPB: disabled, STIBP: disabled, PBRSB-eIBRS: Not affected

/sys/devices/system/cpu/vulnerabilities/srbds
Not affected

/sys/devices/system/cpu/vulnerabilities/tsx_async_abort
Not affected

となりました(CPUは AMD Ryzen5 3400G)．ご参考までに．

---------
こじま

References
: [plamo:34192] linux-6.1.46 & mitigations=off, KOJIMA Mitsuhiro

Prev by Date: [plamo:34192] linux-6.1.46 & mitigations=off
Next by Date: [plamo:34194] MakeMKV for Plamo-8.x
Previous by thread: [plamo:34192] linux-6.1.46 & mitigations=off
Next by thread: [plamo:34194] MakeMKV for Plamo-8.x
Index(es):
- Date
- Thread

[検索ページ] [メール一覧]
Plamo ML 公開システム