Computers & Hardware > PC Hardware

New vulnerability in Intel processors

<< < (2/2)

Weaver:
They do need to start and think what they are doing, need a department if black hats against the design teams doing the evil before the processors get released.

roseway:

--- Quote from: burakkucat on August 17, 2018, 03:45:30 PM ---Here's a simple shell script that might be useful --

--- End quote ---

Nice one:


--- Code: ---eric@great-tit:~$ ./vulnerability-check
Kernel                   -- 4.9.0-7-amd64
Meltdown                 -- Mitigation: PTI
Speculative Store Bypass -- Vulnerable
Spectre v1               -- Mitigation: __user pointer sanitization
Spectre v2               -- Mitigation: Full generic retpoline, IBPB, IBRS_FW
eric@great-tit:~$

--- End code ---

burakkucat:
Having recently become aware of the latest vulnerability, SRBDS, I thought it was time to update the shell-script.


--- Code: ---#!/bin/bash

echo -e "Kernel                   -- \c"
uname -r

if [ -d /sys/devices/system/cpu/vulnerabilities ]; then
if [ -r /sys/devices/system/cpu/vulnerabilities/itlb_multihit ]; then
echo -e "Itlb Multihit            -- \c"
cat /sys/devices/system/cpu/vulnerabilities/itlb_multihit
fi

if [ -r /sys/devices/system/cpu/vulnerabilities/l1tf ]; then
echo -e "L1TF                     -- \c"
cat /sys/devices/system/cpu/vulnerabilities/l1tf
fi

if [ -r /sys/devices/system/cpu/vulnerabilities/mds ]; then
echo -e "MDS                      -- \c"
cat /sys/devices/system/cpu/vulnerabilities/mds
fi

if [ -r /sys/devices/system/cpu/vulnerabilities/meltdown ]; then
echo -e "Meltdown                 -- \c"
cat /sys/devices/system/cpu/vulnerabilities/meltdown
fi

if [ -r /sys/devices/system/cpu/vulnerabilities/spec_store_bypass ]; then
echo -e "Speculative Store Bypass -- \c"
cat /sys/devices/system/cpu/vulnerabilities/spec_store_bypass
fi

if [ -r /sys/devices/system/cpu/vulnerabilities/spectre_v1 ]; then
echo -e "Spectre v1               -- \c"
cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
fi

if [ -r /sys/devices/system/cpu/vulnerabilities/spectre_v2 ]; then
echo -e "Spectre v2               -- \c"
cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
fi

if [ -r /sys/devices/system/cpu/vulnerabilities/srbds ]; then
echo -e "Srbds                    -- \c"
cat /sys/devices/system/cpu/vulnerabilities/srbds
fi

if [ -r /sys/devices/system/cpu/vulnerabilities/tsx_async_abort ]; then
echo -e "TSX Async Abort          -- \c"
cat /sys/devices/system/cpu/vulnerabilities/tsx_async_abort
fi
else
echo "                         -- No data available."
fi

exit 0

--- End code ---

Alex Atkin UK:

--- Quote from: Weaver on August 17, 2018, 03:26:35 PM ---Not much detail in the stuff I read but I suspect that they have been able to improve things without crucifying performance. Disabling hyper threading in one case will knock out what 5-15% performance in some cases but I do not like hyper threading much as I suspect there are even cases where unfortunate software can end up going slower with hyper threading on than off and it is better to turn it off.

--- End quote ---

That's a very random theory you have there, can't say I've seen a shred of evidence to back that up on current software.

I mean sure, maybe a decade or so ago that was true, but today hyperthreading make a big difference.

Navigation

[0] Message Index

[*] Previous page

Go to full version