SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Today I tried to install the nVidia 390.25 full release on my 14.2 Multilib with a custom 4.14.12 kernel that had the beta version installed and working great for a few weeks now. The full release driver would not build even though the beta 390.12 Beta built with no issues at all. I searched for "nVidia 390.25 kernel 4.14.12" and got a hit for a page saying 4.15 kernel final was out and that nVidia new drivers built just fine on it. So I downloaded the tarball, did make oldconfig, and built and installed it, booted first time and installed nVidia Full Release without nary a peep. Works great. I'm pleased.
Distribution: Slackware64-current with "True Multilib" and KDE4Town.
Posts: 9,095
Original Poster
Rep:
I didn't try to build the 390.25 driver with the 4.14.12 kernel, but it did build with the 4.14.15 kernel. As you have experienced, the 390.25 Long Term driver has also worked extremely well with the 4.15 kernel.
Hmm installed the new kernel and the checker tool says I'm not protected against Meltdown, odd.
Code:
Spectre and Meltdown mitigation detection tool v0.29
Checking for vulnerabilities against running kernel Linux 4.4.115-smp #2 SMP Mon Feb 5 22:30:37 CST 2018 i686
CPU is Intel(R) Atom(TM) CPU N270 @ 1.60GHz
CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Checking whether we're safe according to the /sys interface: NO (kernel confirms your system is vulnerable)
STATUS: VULNERABLE (Vulnerable)
CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Checking whether we're safe according to the /sys interface: YES (kernel confirms that the mitigation is active)
STATUS: NOT VULNERABLE (Mitigation: Full generic retpoline)
CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Checking whether we're safe according to the /sys interface: NO (kernel confirms your system is vulnerable)
STATUS: VULNERABLE (Vulnerable)
A false sense of security is worse than no security at all, see --disclaimer
bash-4.3# exit
bash-4.3# ./spectre-meltdown-checker.sh
Spectre and Meltdown mitigation detection tool v0.34+
Checking for vulnerabilities on current system
Kernel is Linux 4.4.115-smp #2 SMP Mon Feb 5 22:30:37 CST 2018 i686
CPU is Intel(R) Atom(TM) CPU N270 @ 1.60GHz
Hardware check
* Hardware support (CPU microcode) for mitigation techniques
* Indirect Branch Restricted Speculation (IBRS)
* SPEC_CTRL MSR is available: NO
* CPU indicates IBRS capability: NO
* Indirect Branch Prediction Barrier (IBPB)
* PRED_CMD MSR is available: NO
* CPU indicates IBPB capability: NO
* Single Thread Indirect Branch Predictors (STIBP)
* SPEC_CTRL MSR is available: NO
* CPU indicates STIBP capability: NO
* Enhanced IBRS (IBRS_ALL)
* CPU indicates ARCH_CAPABILITIES MSR availability: NO
* ARCH_CAPABILITIES MSR advertises IBRS_ALL capability: NO
* CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO): NO
* CPU microcode is known to cause stability problems: NO (model 28 stepping 2 ucode 0x20a)
* CPU vulnerability to the three speculative execution attacks variants
* Vulnerable to Variant 1: NO
* Vulnerable to Variant 2: NO
* Vulnerable to Variant 3: NO
CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Mitigated according to the /sys interface: NO (kernel confirms your system is vulnerable)
* Kernel has array_index_mask_nospec: NO
* Checking count of LFENCE instructions following a jump in kernel... NO (only 0 jump-then-lfence instructions found, should be >= 30 (heuristic))
STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable)
CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
* Mitigation 1
* Kernel is compiled with IBRS/IBPB support: NO
* Currently enabled features
* IBRS enabled for Kernel space: NO
* IBRS enabled for User space: NO
* IBPB enabled: NO
* Mitigation 2
* Kernel compiled with retpoline option: YES
* Kernel compiled with a retpoline-aware compiler: YES (kernel reports full retpoline compilation)
* Retpoline enabled: YES
STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable)
CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Mitigated according to the /sys interface: NO (kernel confirms your system is vulnerable)
* Kernel supports Page Table Isolation (PTI): NO
* PTI enabled and active: NO
* Running as a Xen PV DomU: NO
STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable)
A false sense of security is worse than no security at all, see --disclaimer
Forgot - I'm in that very small percentage who aren't affected anyway.
Last edited by Lysander666; 02-07-2018 at 03:06 PM.
To the best of my understanding, on Intel Processors, Meltdown MAY be mitigated via the PTI Firmware Patch, there is no mitigation yet for Spectre v1 and the recent retpoline updates to gcc, glibc and the Kernel can fix Spctre v2 ... but remember, I confused
If you're using kernel 4.15 on Slackware 14.2, the crda package from -current (crda-3.18-x86_64-5) can be installed on 14.2 and works great, if you need the regulatory.db file (thanks RandomTroll).
In other 4.15 news, b43 wifi isn't working. They didn't mention queueing that patch for stable....
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.