Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 24 Jun 2018, 19:07
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Meltdown/Spectre Patching
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [6 Posts]  
Author Message
ozsouth

Joined: 01 Jan 2010
Posts: 333
Location: S.E Australia

PostPosted: Sat 24 Feb 2018, 17:23    Post subject:  Meltdown/Spectre Patching  

I don't believe old versions will be patched. A derivative of Slacko64 that is patched is here:
http://murga-linux.com/puppy/viewtopic.php?t=96875&start=169
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1570
Location: N.E. USA

PostPosted: Sat 24 Feb 2018, 20:00    Post subject:  

It not really the distro, the post you linked to indicated an Atom 330 CPU... its immune. (No Management engiine and no Speculative Caching, (Out of Order Execution)).
_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
Marv


Joined: 04 May 2005
Posts: 1052
Location: SW Wisconsin

PostPosted: Sat 24 Feb 2018, 20:41    Post subject:  

8Geee wrote:
It not really the distro, the post you linked to indicated an Atom 330 CPU... its immune. (No Management engiine and no Speculative Caching, (Out of Order Execution)).

Na, it's the kernel in that distro, let's not further muddy already muddy waters. That kernel has full meltdown and spectre v1 and v2 mitigation. The first install in the thread (second post in the thread) just happened to be to an atom 330. Three or four posts down is an install to a vulnerable i5 and the mitigation status was checked there. ozsouths pointer was valid. I use that 4.15.5 kernel across the board in my pups, both 32 bit and 64 bit. How good the mitigation in the current linux kernel is of course open to debate but the 4.15.5 is the best they have at this time. The trick in getting full retpoline mitigation has been getting gcc-7.3.0 on board for the compile and peebee has been aware of and on top of that.

_________________
Pups currently in kennel Very Happy LxPupSc and X-slacko-4.4 for my users; LxPupSc, LxPupSc64, and LxPupBB for me. All good pups indeed, and all running savefiles for look'n'feel only. Browsers, etc. solely from SFS. Now tazpup for puzzles Smile
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1520

PostPosted: Sun 25 Feb 2018, 05:05    Post subject:  

Marv wrote:
8Geee wrote:
It not really the distro, the post you linked to indicated an Atom 330 CPU... its immune. (No Management engiine and no Speculative Caching, (Out of Order Execution)).

Na, it's the kernel in that distro, let's not further muddy already muddy waters. That kernel has full meltdown and spectre v1 and v2 mitigation. The first install in the thread (second post in the thread) just happened to be to an atom 330. Three or four posts down is an install to a vulnerable i5 and the mitigation status was checked there. ozsouths pointer was valid. I use that 4.15.5 kernel across the board in my pups, both 32 bit and 64 bit. How good the mitigation in the current linux kernel is of course open to debate but the 4.15.5 is the best they have at this time. The trick in getting full retpoline mitigation has been getting gcc-7.3.0 on board for the compile and peebee has been aware of and on top of that.


(Ozsouth, forgive, I don't mean to hijack the thread)

Hi Marv,

Notice in your signature line you still use x-tahr-2.0. So do I, for all my photo-editing (utilizing Geoffrey's great photo-program-loaded .sfs with it). So, regarding Peebee's 4.15.5 kernel, could I just swap out his 32-bit 4.15.5 from Artfulpup and throw it into X-tahr-2.0 & gcc-7.3.0 will coexist with x-tahr-2.0 peacefully? Or do I need to modify and/or try to compile anything further??

Thanks for any heads up or hints.
Back to top
View user's profile Send private message 
Marv


Joined: 04 May 2005
Posts: 1052
Location: SW Wisconsin

PostPosted: Sun 25 Feb 2018, 05:45    Post subject:  

belham2 wrote:


(Ozsouth, forgive, I don't mean to hijack the thread)

Hi Marv,

Notice in your signature line you still use x-tahr-2.0. So do I, for all my photo-editing (utilizing Geoffrey's great photo-program-loaded .sfs with it). So, regarding Peebee's 4.15.5 kernel, could I just swap out his 32-bit 4.15.5 from Artfulpup and throw it into X-tahr-2.0 & gcc-7.3.0 will coexist with x-tahr-2.0 peacefully? Or do I need to modify and/or try to compile anything further??

Thanks for any heads up or hints.


My bad on the signature, it hasn't kept up with me. I still have one user on X-Tahr because it 'just works' for him and he doesn't bank or do any on-line buying etc. on it but haven't tried the newest kernels in it. I'll swap it in tomorrow and see (3:30 AM here now, got up to feed the woodstove & peer outdoors). In general, what I have seen is that the newer kernels don't break the later X series pups but that there is enough of a mismatch between the kernel video drivers and the OS Mesa versions so that video performance suffers. Quick for me to try & I'll see. The gcc-7.3.0 used for compiling the kernel shouldn't be an issue. There are/will be back-ports of the mitigation, certainly into the 4.4.x series but I haven't seen any yet with full mitigation. One caveat is that I only have intel hardware at this point and nothing older than a core 2 duo. I'll probably do the test on a Bay Trail desktop though as that is what the X-Tahr user is running... The 4.15.5 64 bit kernel is currently in LcPupSc and LxPupSc64. ArtfulPup stock is running a 4.4.59 32 bit without full mitigation. I swap in the 4.15.5 64 bit and it runs great in it and in LxArtfulPup.

Edit: Did a bunch of swapping & installs, all pristine frugal. The results are strongly hardware dependent and based on pretty quick tests. On the i5 laptop X-Tahr 2.0 boots cleanly and runs well with the new kernel. The speed benchmarks I use range from +4% to -1.5% compared to the 3.14.56 stock kernel. Seems just fine. The core 2 duo laptop is a different animal. 4.15.5 will not boot cleanly, it's an odd video/cursor interaction issue and one I probably wouldn't bother chasing. I did replicate it several times. 4.4.56 boots and runs cleanly on that hardware so if a 4.4.xx with full mitigation is available it would be worth a test. I haven't gotten to the Bay Trail yet, but the 4.15.5 and Tahr seems to be stretching the envelope a bit far. LxArtfulPup, on the other hand, is perfectly happy with that new kernel on the core 2 duo. I've been using that combo offline on one of those machines to do taxes with no hitches or glitches. If you do swap, you will need the fdrv as well as the zdrv and vmlinux for the new kernel as the firmware is split out to the fdrv unlike Tahr where it is in the zdrv. Tahr recognises and uses the fdrv just fine.
Later: 4.15.5 64 bit kernel swapped into X-Tahr 2.0 Boots and runs well on the Bay Trail (intel J1900 CPU) desktop. Hardware is, I guess, hardware Surprised

_________________
Pups currently in kennel Very Happy LxPupSc and X-slacko-4.4 for my users; LxPupSc, LxPupSc64, and LxPupBB for me. All good pups indeed, and all running savefiles for look'n'feel only. Browsers, etc. solely from SFS. Now tazpup for puzzles Smile
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1520

PostPosted: Sun 25 Feb 2018, 18:52    Post subject:  

Marv wrote:
belham2 wrote:


(Ozsouth, forgive, I don't mean to hijack the thread)

Hi Marv,

Notice in your signature line you still use x-tahr-2.0. So do I, for all my photo-editing (utilizing Geoffrey's great photo-program-loaded .sfs with it). So, regarding Peebee's 4.15.5 kernel, could I just swap out his 32-bit 4.15.5 from Artfulpup and throw it into X-tahr-2.0 & gcc-7.3.0 will coexist with x-tahr-2.0 peacefully? Or do I need to modify and/or try to compile anything further??

Thanks for any heads up or hints.


My bad on the signature, it hasn't kept up with me. I still have one user on X-Tahr because it 'just works' for him and he doesn't bank or do any on-line buying etc. on it but haven't tried the newest kernels in it. I'll swap it in tomorrow and see (3:30 AM here now, got up to feed the woodstove & peer outdoors). In general, what I have seen is that the newer kernels don't break the later X series pups but that there is enough of a mismatch between the kernel video drivers and the OS Mesa versions so that video performance suffers. Quick for me to try & I'll see. The gcc-7.3.0 used for compiling the kernel shouldn't be an issue. There are/will be back-ports of the mitigation, certainly into the 4.4.x series but I haven't seen any yet with full mitigation. One caveat is that I only have intel hardware at this point and nothing older than a core 2 duo. I'll probably do the test on a Bay Trail desktop though as that is what the X-Tahr user is running... The 4.15.5 64 bit kernel is currently in LcPupSc and LxPupSc64. ArtfulPup stock is running a 4.4.59 32 bit without full mitigation. I swap in the 4.15.5 64 bit and it runs great in it and in LxArtfulPup.

Edit: Did a bunch of swapping & installs, all pristine frugal. The results are strongly hardware dependent and based on pretty quick tests. On the i5 laptop X-Tahr 2.0 boots cleanly and runs well with the new kernel. The speed benchmarks I use range from +4% to -1.5% compared to the 3.14.56 stock kernel. Seems just fine. The core 2 duo laptop is a different animal. 4.15.5 will not boot cleanly, it's an odd video/cursor interaction issue and one I probably wouldn't bother chasing. I did replicate it several times. 4.4.56 boots and runs cleanly on that hardware so if a 4.4.xx with full mitigation is available it would be worth a test. I haven't gotten to the Bay Trail yet, but the 4.15.5 and Tahr seems to be stretching the envelope a bit far. LxArtfulPup, on the other hand, is perfectly happy with that new kernel on the core 2 duo. I've been using that combo offline on one of those machines to do taxes with no hitches or glitches. If you do swap, you will need the fdrv as well as the zdrv and vmlinux for the new kernel as the firmware is split out to the fdrv unlike Tahr where it is in the zdrv. Tahr recognises and uses the fdrv just fine.
Later: 4.15.5 64 bit kernel swapped into X-Tahr 2.0 Boots and runs well on the Bay Trail (intel J1900 CPU) desktop. Hardware is, I guess, hardware Surprised


Thanks, Marv!

Going to give it a go on my Core I3 laptop and see how it goes. Wink
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [6 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0630s ][ Queries: 12 (0.0050s) ][ GZIP on ]