LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 11-18-2019, 11:00 PM   #1861
abga
Senior Member
 
Registered: Jul 2017
Location: EU
Distribution: Slackware
Posts: 1,633

Rep: Reputation: 924Reputation: 924Reputation: 924Reputation: 924Reputation: 924Reputation: 924Reputation: 924Reputation: 924

When the latest Intel vulnerabilities were in the spot light, a week ago - post #1790, I provided a link to an article @ Phoronix where an additional bug was mentioned.
https://www.phoronix.com/scan.php?pa...AA-Kernel-Code

I kinda forgot about that and now while writing my own changelogs (keeping them on some core systems) I checked again what was all about and discovered:
https://cve.mitre.org/cgi-bin/cvenam...CVE-2018-12207

https://git.kernel.org/pub/scm/linux...05d4ad0002a7d4

https://software.intel.com/security-...-size-change-0

The Slackware provided kernels look to contain something about this:
https://cdn.kernel.org/pub/linux/ker...ngeLog-4.4.202
Code:
commit 6534fc5ddf887ca38ee2e04a23b062b4503b3d20
Author: Vineela Tummalapalli <vineela.tummalapalli@intel.com>
Date:   Mon Nov 4 12:22:01 2019 +0100

    x86/bugs: Add ITLB_MULTIHIT bug infrastructure
    
    commit db4d30fbb71b47e4ecb11c4efa5d8aad4b03dfae upstream.
- the -current kernel has some more records on ITLB :
https://cdn.kernel.org/pub/linux/ker...ngeLog-4.19.84
Code:
commit 5219505fcbb640e273a0d51c19c38de0100ec5a9
Author: Paolo Bonzini <pbonzini@redhat.com>
Date:   Mon Nov 4 12:22:02 2019 +0100

    kvm: mmu: ITLB_MULTIHIT mitigation
    
    commit b8e8c8303ff28c61046a4d0f6ea99aea609a7dc0 upstream.
According to this RedHat article, the mitigations come in different forms, microcode fix by Intel and kernel use of the "kvm.nx_huge_pages" boot parameter for patched kernels:
https://access.redhat.com/security/v...s/ifu-page-mce
- click on Resolve tab

And yet again my ancient Intel Atom N270 (Bonell) proves to be the most secure Intel CPU I own ATM. Soon I'll start an auction for it and buy a Learjet

P.S. From the RedHat article above I learned that you can check the state of the vulnerability&mitigation (given the kernel is ready/patched):
Code:
cat /sys/devices/system/cpu/vulnerabilities/itlb_multihit
-Not affected
-KVM Mitigation: Split huge pages
-KVM Vulnerable: no mitigation enabled

It looks like 4.4.202 is patched, the output on the Atom N270 running Slackware 14.2:
Code:
# uname -r
4.4.202-smp
# cat /sys/devices/system/cpu/vulnerabilities/itlb_multihit
Not affected

Last edited by abga; 11-18-2019 at 11:36 PM. Reason: P.S.
 
3 members found this post helpful.
Old 11-19-2019, 02:53 AM   #1862
teoberi
Member
 
Registered: Jan 2018
Location: Romania
Distribution: Slackware64-current (servers) / Ubuntu (workstations)
Posts: 198

Rep: Reputation: 126Reputation: 126
Kernel 5.4.0-rc8 is patched but mitigation requires activation of Intel Virtualization Technology (Vanderpool Technology) in BIOS/UEFI.
The message will be "KVM Mitigation: Split huge pages".
 
2 members found this post helpful.
Old 11-19-2019, 06:05 AM   #1863
cwizardone
LQ Guru
 
Registered: Feb 2007
Distribution: Slackware64-current with "True Multilib."
Posts: 5,960

Original Poster
Blog Entries: 1

Rep: Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246
Another round of kernel updates has been scheduled for release on Thursday morning, 21 November 2019, at approximately 05:00, GMT.

If no problems are found while testing the release candidates, they might be available sometime on Wednesday (depending on your time zone).

There will be 48 patches in the 5.3.12 kernel update, 422 in 4.19.85, and 239 in the 4.14.155 kernel update.

The details:

5.3.12, http://lkml.iu.edu/hypermail/linux/k...1.2/02329.html

4.19.85, http://lkml.iu.edu/hypermail/linux/k...1.2/03021.html

4.14.155, http://lkml.iu.edu/hypermail/linux/k...1.2/02702.html

Last edited by cwizardone; 11-19-2019 at 08:06 AM.
 
Old 11-19-2019, 06:11 AM   #1864
drmozes
Slackware Contributor
 
Registered: Apr 2008
Location: Surrey, England
Distribution: Slackware
Posts: 959

Rep: Reputation: 772Reputation: 772Reputation: 772Reputation: 772Reputation: 772Reputation: 772Reputation: 772
Quote:
Originally Posted by SCerovec View Post
i wonder how our ARM dudes are doing in -current?
A major release Kernel update is a lot of work. I'm also considering dropping the uBoot "uImage" from the packages, as they're only required by the Trimslice; but to drop it I'd need to get a newer version of U-Boot working on that device.
Or, I drop support for the Trimslice instead.

It's low priority - I don't fancy being an early adopter. I'll probably look at it some time in Q1 2020.

Last edited by drmozes; 11-19-2019 at 06:15 AM.
 
3 members found this post helpful.
Old 11-19-2019, 10:11 AM   #1865
SCerovec
Senior Member
 
Registered: Oct 2006
Location: Cp6uja
Distribution: Slackware on x86 and arm
Posts: 1,777
Blog Entries: 2

Rep: Reputation: 516Reputation: 516Reputation: 516Reputation: 516Reputation: 516Reputation: 516
Thumbs up

Quote:
Originally Posted by drmozes View Post
A major release Kernel update is a lot of work. I'm also considering dropping the uBoot "uImage" from the packages, as they're only required by the Trimslice; but to drop it I'd need to get a newer version of U-Boot working on that device.
Or, I drop support for the Trimslice instead.

It's low priority - I don't fancy being an early adopter. I'll probably look at it some time in Q1 2020.
Silly as I am i have high hopes on ARM and HDMI maybe even 64bit?
 
Old 11-19-2019, 10:21 AM   #1866
drmozes
Slackware Contributor
 
Registered: Apr 2008
Location: Surrey, England
Distribution: Slackware
Posts: 959

Rep: Reputation: 772Reputation: 772Reputation: 772Reputation: 772Reputation: 772Reputation: 772Reputation: 772
Quote:
Originally Posted by SCerovec View Post
Silly as I am i have high hopes on ARM and HDMI maybe even 64bit?
I already use HDMI with My Orange Pi with the current Kernel and it works both for the console and within Xorg.

I have no need for 64bit ARM hardware- someone else in the community is working on that and posts to the ARM sub forum.
 
2 members found this post helpful.
Old 11-19-2019, 10:36 AM   #1867
TurboBlaze
Member
 
Registered: Jan 2018
Location: Russian Federation, Lipetsk region, Dankov
Distribution: Porteus
Posts: 151

Rep: Reputation: Disabled
Hi. Anybody knows where I can download VirtualBox 6.0.15 ?
I am not able to found this version at http://download.virtualbox.org/virtualbox/
Thanks.
 
1 members found this post helpful.
Old 11-19-2019, 10:45 AM   #1868
Didier Spaier
LQ Addict
 
Registered: Nov 2008
Location: Paris, France
Distribution: Slint64-14.2.1.2 on Lenovo Thinkpad W520
Posts: 9,514

Rep: Reputation: Disabled
[off topic, deleted]
 
Old 11-19-2019, 10:48 AM   #1869
Aeterna
Member
 
Registered: Aug 2017
Location: Terra Mater
Distribution: VM Host: Slackware-current, VM Guests: Artix, Venom, antiX, Gentoo, FreeBSD, OpenBSD, OpenIndiana
Posts: 364

Rep: Reputation: Disabled
Quote:
Originally Posted by TurboBlaze View Post
Hi. Anybody knows where I can download VirtualBox 6.0.15 ?
I am not able to found this version at http://download.virtualbox.org/virtualbox/
Thanks.
here:
https://www.virtualbox.org/wiki/Testbuilds
 
4 members found this post helpful.
Old 11-20-2019, 09:49 AM   #1870
cwizardone
LQ Guru
 
Registered: Feb 2007
Distribution: Slackware64-current with "True Multilib."
Posts: 5,960

Original Poster
Blog Entries: 1

Rep: Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246
An update for the 3.16.y kernel series has been scheduled for release Friday afternoon, 22 November 2019, at approximately 15:30, GMT.

The 3.16.78 update will have 83 patches.

Mr. Hutchings' announcement, http://lkml.iu.edu/hypermail/linux/k...1.2/04899.html

Last edited by cwizardone; 11-20-2019 at 09:52 AM.
 
1 members found this post helpful.
Old 11-20-2019, 10:30 AM   #1871
cwizardone
LQ Guru
 
Registered: Feb 2007
Distribution: Slackware64-current with "True Multilib."
Posts: 5,960

Original Poster
Blog Entries: 1

Rep: Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246
Kernel updates 5.3.12 and 4.14.155 is now available at,

https://www.kernel.org/

The change logs,

https://cdn.kernel.org/pub/linux/ker...angeLog-5.3.12

https://cdn.kernel.org/pub/linux/ker...geLog-4.14.155

Last edited by cwizardone; 11-20-2019 at 11:19 AM.
 
Old 11-20-2019, 12:56 PM   #1872
cwizardone
LQ Guru
 
Registered: Feb 2007
Distribution: Slackware64-current with "True Multilib."
Posts: 5,960

Original Poster
Blog Entries: 1

Rep: Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246Reputation: 3246
The 4.19.85 kernel update is now available at,

https://www.kernel.org/

The change log, https://cdn.kernel.org/pub/linux/ker...ngeLog-4.19.85

This "late in the game," 422 patches makes me question the process, but, then, perhaps, I just don't understand how the whole long term kernel maintenance system works.

Last edited by cwizardone; 11-20-2019 at 01:16 PM.
 
1 members found this post helpful.
Old 11-20-2019, 02:24 PM   #1873
SCerovec
Senior Member
 
Registered: Oct 2006
Location: Cp6uja
Distribution: Slackware on x86 and arm
Posts: 1,777
Blog Entries: 2

Rep: Reputation: 516Reputation: 516Reputation: 516Reputation: 516Reputation: 516Reputation: 516
Thumbs up

Quote:
Originally Posted by cwizardone View Post
The 4.19.85 kernel update is now available at,

https://www.kernel.org/

The change log, https://cdn.kernel.org/pub/linux/ker...ngeLog-4.19.85

This "late in the game," 422 patches makes me question the process, but, then, perhaps, I just don't understand how the whole long term kernel maintenance system works.

(keeping you company)
 
2 members found this post helpful.
Old 11-20-2019, 03:10 PM   #1874
Didier Spaier
LQ Addict
 
Registered: Nov 2008
Location: Paris, France
Distribution: Slint64-14.2.1.2 on Lenovo Thinkpad W520
Posts: 9,514

Rep: Reputation: Disabled
Quote:
Originally Posted by cwizardone View Post
This "late in the game," 422 patches makes me question the process, but, then, perhaps, I just don't understand how the whole long term kernel maintenance system works.
In what regard do you question the process? Do you mean that it's sad that bugs be discovered long after the release? I don't know how this could be avoided. Bear in mind that most bugs are triggered in specific contexts or through a specific (and possibly unusual) sequence of events. Listing all contexts or possible sequences of events to test them is hardly feasible.

Me, I am happy that bugs be fixed in point releases, regardless of the status (LTS or not) of the major release. For server expected to run 24/7 365d/y it's up to the admin to decide if upgrading the kernel is worth the down time (but there are cases where they could instead do a kernel livepatching despite its limitations).

Last edited by Didier Spaier; 11-20-2019 at 03:14 PM.
 
Old 11-20-2019, 04:49 PM   #1875
GazL
LQ Guru
 
Registered: May 2008
Distribution: CRUX
Posts: 5,555
Blog Entries: 14

Rep: Reputation: 3401Reputation: 3401Reputation: 3401Reputation: 3401Reputation: 3401Reputation: 3401Reputation: 3401Reputation: 3401Reputation: 3401Reputation: 3401Reputation: 3401
Just tried 5.3.12 and I'm still seeing the raised thermal levels at idle and under minor load that I was seeing with 5.3.11.

Looks like I'll be stuck with 5.3.10 for the time being.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux.conf.au: Latest Linux kernel release due early March DragonSlayer48DX Linux - News 0 01-18-2010 10:43 PM
No video on latest kernel release Tralce Linux - Kernel 3 11-30-2006 07:48 AM
What is the latest Redhat release TILEMANN Linux - Software 5 11-20-2006 10:48 PM
LXer: News: OpenVZ To Release Support, Patches for Latest Kernel LXer Syndicated Linux News 0 11-01-2006 10:54 PM
latest debian release? doralsoral Linux - Software 5 12-25-2004 12:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 11:45 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration