SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Justr a question: instead of using these patches, could one also just disable hyperthreading? Since most of the meltdown spectre stuff is releated to that
Justr a question: instead of using these patches, could one also just disable hyperthreading? Since most of the meltdown spectre stuff is releated to that
That wont work for everyone. I for one depend on HT for compile jobs. I compile things like qt5 where hyperthreading GREATLY reduces build times. As it is, it takes me about 6 hours to compile qt5 (2 core w/HT @ 3.4GHz running jobs at -j8) and if I didn't use HT, it would take ~20 hours.
I suppose that if you are disabling it for general purpose (browsing the web etc) on a personal level you might not notice the performance difference, BUT I don't think that it would be beneficial to devs and (large?) package maintainers.
Then there are programs like Waterfox that use multiple cores/threads and that makes a big difference in performance of that particular program as well.
I don't use initrd either, but I have initrd=/boot/intel-ucode.cpio in /etc/lilo.conf to "update microcode early":
Code:
[ 0.000000] microcode: microcode updated early to revision 0x2f, date = 2019-02-17
[ 4.302678] microcode: sig=0x206a7, pf=0x2, revision=0x2f
[ 4.302900] microcode: Microcode Update Driver: v2.2.
Thanks again for your help & clarifications. Meanwhile I was looking for docs to learn more about the microcode update process, stumbled upon:
Gentoo: https://wiki.gentoo.org/wiki/Intel_microcode
Quote:
Important
The microcode-ctl utility has been deprecated as of version 1.28-r1(Gentoo unstable)[1] and no longer contains the init script. It also does not work on certain CPUs such as Intel Haswells...
LILO and potentially other old bootloaders do not support multiple initrd images. In that case, cpu_manufacturer-ucode.img and initramfs-linux.img will have to be merged into one image.
This is what I knew and wasn't aware that I could only add initrd=/boot/intel-ucode.cpio on its own in /etc/lilo.conf, without merging it with an actual initrd image. Will try it
The same problem for Intel ME.
For a fairly good ASUS motherboard I had to mount another HDD, install Windows 10 and run "ME update tool". Of course, Windows 10 has deleted the Slackware option from the UEFI menu. Good luck with rEFInd that immediately booted my Slackware.
Will I have to take it over again!
With initrd=/boot/intel-ucode.cpio in /etc/lilo.conf I get now the microcode update:
Code:
dmesg | grep micro
[ 0.000000] microcode: CPU0 microcode updated early to revision 0x25, date = 2019-02-26
[ 0.094863] microcode: CPU1 microcode updated early to revision 0x25, date = 2019-02-26
[ 3.681301] microcode: CPU0 sig=0x40651, pf=0x40, revision=0x25
[ 3.681451] microcode: CPU1 sig=0x40651, pf=0x40, revision=0x25
[ 3.681669] microcode: Microcode Update Driver: v2.01 <tigran@aivazian.fsnet.co.uk>, Peter Oruba
And the spectre-meltdown-checker script is happy with the CPU but not with the kernel:
Code:
CVE-2018-12126 aka 'Fallout, microarchitectural store buffer data sampling (MSBDS)'
* CPU supports the MD_CLEAR functionality: YES
* Kernel supports using MD_CLEAR mitigation: NO
> STATUS: VULNERABLE (Your microcode supports mitigation, but your kernel doesn't, upgrade it to mitigate the vulnerability)
CVE-2018-12130 aka 'ZombieLoad, microarchitectural fill buffer data sampling (MFBDS)'
* CPU supports the MD_CLEAR functionality: YES
* Kernel supports using MD_CLEAR mitigation: NO
> STATUS: VULNERABLE (Your microcode supports mitigation, but your kernel doesn't, upgrade it to mitigate the vulnerability)
CVE-2018-12127 aka 'RIDL, microarchitectural load port data sampling (MLPDS)'
* CPU supports the MD_CLEAR functionality: YES
* Kernel supports using MD_CLEAR mitigation: NO
> STATUS: VULNERABLE (Your microcode supports mitigation, but your kernel doesn't, upgrade it to mitigate the vulnerability)
CVE-2019-11091 aka 'RIDL, microarchitectural data sampling uncacheable memory (MDSUM)'
* CPU supports the MD_CLEAR functionality: YES
* Kernel supports using MD_CLEAR mitigation: NO
> STATUS: VULNERABLE (Your microcode supports mitigation, but your kernel doesn't, upgrade it to mitigate the vulnerability)
Hope Patrick will find some time to compile & distribute the new 4.4.180 kernel.
With initrd=/boot/intel-ucode.cpio in /etc/lilo.conf I get now the microcode update:
Hope Patrick will find some time to compile & distribute the new 4.4.180 kernel.
Compiling that kernel on your own is not so hard. It involves only a few commands, and when using the ".config" from the kernel you're currently running, it requires hardly any thinking. You can even first test it out as a secondary option in your lilo bootloader, or keep your current kernel as backup.
@deNiro
Thanks for the hint, I'm familiar with compiling kernels, don't worry, I just don't see the point in doing it. I (re)build & maintain enough apps on my own, don't need to worry about the kernel too. As said above, I'm not in a hurry and I trust Patrick with the kernel, in fact I never had any issues with his kernel compilation in the last period (over 5 years). Up until the 2.4-2.6 era I did compile my own kernels.
The link to the microcode posted on GitHub disappeared from Intel's web page for Linux* Processor Microcode Data File.
The latest version is: 20180807!
Strange or maybe not ...
That wont work for everyone. I for one depend on HT for compile jobs. I compile things like qt5 where hyperthreading GREATLY reduces build times. As it is, it takes me about 6 hours to compile qt5 (2 core w/HT @ 3.4GHz running jobs at -j8) and if I didn't use HT, it would take ~20 hours.
I suppose that if you are disabling it for general purpose (browsing the web etc) on a personal level you might not notice the performance difference, BUT I don't think that it would be beneficial to devs and (large?) package maintainers.
Then there are programs like Waterfox that use multiple cores/threads and that makes a big difference in performance of that particular program as well.
I understand. I also do compile stuff now and then, like a new kernel, or packages from slackbuilds, and some small stuff of my own.
And although I am no expert on the matter, I assume these patches are not really sufficient, and I follow the openBSD route of disabling hyperthreading/smt altogether, by booting the kernel with the "nosmt" kernel parameter. And I don't suffer much from that.
For practical reasons, i.o.w. when I have to compile large programs, I enable hyperthreading temporarily, since newer kernels have SMT control on the live system ( works on the kernel that ships with slackware-current)
to temporarily enable hyperthreading:
echo on > /sys/devices/system/cpu/smt/control
and to disable it again:
echo off > /sys/devices/system/cpu/smt/control
You can see the effects of this settings immediately with for example htop
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
