[OE-core] Yocto Project, Spectre and Meltdown
Alexander Kanavin
alexander.kanavin at linux.intel.com
Wed Feb 7 12:17:03 UTC 2018
On 01/27/2018 06:35 PM, Richard Purdie wrote:
> On Tue, 2018-01-16 at 11:38 +0000, Richard Purdie wrote:
>> I just wanted to give people an update on where the project stands
>> with these issues.
>
> Master now contains gcc and kernel fixes (in linux-yocto). meta-yocto-
> bsp updates are still pending.
>
> rocko-next also has those fixes and is undergoing testing which if it
> passes, will get pushed to rocko.
A quick way to check what degree of protection there is on a system is
to look at what is in /sys/devices/system/cpu/vulnerabilities:
ak at linux-f9zs:/sys/devices/system/cpu/vulnerabilities> ls
meltdown spectre_v1 spectre_v2
ak at linux-f9zs:/sys/devices/system/cpu/vulnerabilities> cat spectre_v1
spectre_v2 meltdown
Vulnerable
Mitigation: Full generic retpoline
Mitigation: PTI
Of course, outdated, unprotected kernels do not have this directory at all.
Paul, perhaps this could go to release notes?
Alex
More information about the Openembedded-core
mailing list