SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Slackware64-current with "True Multilib" and KDE4Town.
Posts: 9,094
Original Poster
Rep:
I should have read through this and the other related threads before installing 4.14.11.
First, I tried the huge kernel and it panicked and froze.
Then I tried the generic kernel and created a initrd, and that booted, but now the Nvidia driver, neither short or long term, will install.
Back to 4.14.7.
Last edited by cwizardone; 01-03-2018 at 11:56 AM.
Scanning the kernel changelog for 4.4 and 4.14 I don't see the x86/kpti patch applied yet to either. Currently using 4.4.106 on a Pentium D-820 which doesn't have VT-x ability and is part of Smithfield family not Skylake. The python script results were:
Manufacturer: emachines
Model: T5224
Processor Name: Intel(R) Pentium(R) D CPU 2.80GHz
OS Version: Slackware 14.2 (4.4.106-ba)
*** Risk Assessment ***
Detection Error: This system may be vulnerable,
either the Intel(R) MEI/TXEI driver is not installed
(available from your system manufacturer)
or the system manufacturer does not permit access
to the ME/TXE from the host driver
Is this vulnerability maybe limited to only the processors that had virtual machine abilities?
The Intel page refers to BIOS updates from manufacturers, which makes me wonder if the issue is insurmountable simply by kernel patching?
If the motherboard doesn't have new BIOS available, is this threat only corrected by a new motherboard and processor?
Is this vulnerability maybe limited to only the processors that had virtual machine abilities?
The Intel page refers to BIOS updates from manufacturers, which makes me wonder if the issue is insurmountable simply by kernel patching?
If the motherboard doesn't have new BIOS available, is this threat only corrected by a new motherboard and processor?
Better explanation there:
Quote:
Originally Posted by libreboot.org/faq.html
Given the current state of Intel hardware with the Management Engine, it is our opinion that all performant x86 hardware newer than the AMD Family 15h CPUs (on AMD’s side) or anything post-2009 on Intel’s side is defective by design and cannot safely be used to store, transmit, or process sensitive data. Sensitive data is any data in which a data breach would cause significant economic harm to the entity which created or was responsible for storing said data, so this would include banks, credit card companies, or retailers (customer account records), in addition to the “usual” engineering and software development firms. This also affects whistleblowers, or anyone who needs actual privacy and security.
NB. The AMD Family 15h CPUs are the Buldozers, next one is the Zen (see Ryzens and ThreadRippers) and they have a PSP, which is just like Intel ME.
Honestly, I have no intention to use ever a Ryzen or a post-2009 Intel CPU even if I receive it gratis.
I own already two Buldozer x8 with 32GB DDR3 1600MHz, and other boxes driven by Phenom x4 CPUs and 16GB DDR2 1066MHz memory, which I suppose to safely give me another 20 years of computing, till I will reach 70 years as age.
Eventually, I will buy something like a KX-5000 Zhaoxin, but never again AMD or Intel.
Scanning the kernel changelog for 4.4 and 4.14 I don't see the x86/kpti patch applied yet to either. Currently using 4.4.106 on a Pentium D-820 which doesn't have VT-x ability and is part of Smithfield family not Skylake. The python script results were:
Manufacturer: emachines
Model: T5224
Processor Name: Intel(R) Pentium(R) D CPU 2.80GHz
OS Version: Slackware 14.2 (4.4.106-ba)
*** Risk Assessment ***
Detection Error: This system may be vulnerable,
either the Intel(R) MEI/TXEI driver is not installed
(available from your system manufacturer)
or the system manufacturer does not permit access
to the ME/TXE from the host driver
Is this vulnerability maybe limited to only the processors that had virtual machine abilities?
The Intel page refers to BIOS updates from manufacturers, which makes me wonder if the issue is insurmountable simply by kernel patching?
If the motherboard doesn't have new BIOS available, is this threat only corrected by a new motherboard and processor?
ME is an autonomous subsystem /not dependent on BIOS or your system / that has been incorporated in virtually all of Intel's processor chipsets since 2008
Mostly starting from PCH chipset with Nehelem processors on board.
As I understand vulnerability is to only that processors through ME subsystem which is completely autonomous and has independent access to all hardware through ME.
Karnel patch heals result not cause /ME side channel/ so it has side effect like slowdown performance.
Which simply explains piramid in this picture /what have full controll over what/ and the bug is in ME subsystem not kernel OS.
BatPitt, thanks for the information. The mobo is a Intel D945GCL which is still documented on the Intel website. I can not find any reference to the ME or TMEI concepts in either the mobo or cpu spec pages. Since it appears that both my cpu and mobo are from 2005 to 2007 timeframe and the suggestions are this issue creeped in around 2008 I'll consider this closed on this machine. Now on to my Dell 690 Precision workstation which is running Win10 (sorry my wife has some Windows/MAC financial apps which won't run in WINE argg)
Honestly, I have no intention to use ever a Ryzen or a post-2009 Intel CPU even if I receive it gratis.
All of this information is making my head spin. Do I need to worry: I have a dedicated server with 2 Intel Xeon E3-1245 processors? NetBSD on it at the moment but I had been toying with the idea of Slackware.
I own already two Buldozer x8 with 32GB DDR3 1600MHz, and other boxes driven by Phenom x4 CPUs and 16GB DDR2 1066MHz memory, which I suppose to safely give me another 20 years of computing, till I will reach 70 years as age.
That was my thinking in 2016 as well, when I put together a 2011 8-core AMD FX-9590 with 32 GB. Can't see myself needing anything else for the next 20 years.
All of this information is making my head spin. Do I need to worry: I have a dedicated server with 2 Intel Xeon E3-1245 processors? NetBSD on it at the moment but I had been toying with the idea of Slackware.
Honestly? You should check if your hardware is affected, with that Intel tool at least.
Looks like the KPTI, which is implemented on fast-forward even by Windows and MacOS/X, try to fix a really serious issue.
How serious is that issue? Intel is secretive as usual, but it push hard all the operating systems around to take measures.
Last edited by Darth Vader; 01-03-2018 at 06:24 PM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
