Announcement

**oooverclocker** · 17 June 2018, 08:31 AM

Thank you Gavin and Michael! This is very interesting and understandable information is hard to find.

Edit: But what surprises me a lot is to put the slides behind the login of a "social"-or probably more asocial network when you like to read them offline in a reasonable quality. I would consider much different behavior of someone who is working in an open source environment.

**n00b** · 17 June 2018, 09:51 AM

Originally posted by oooverclocker View Post

But what surprises me a lot is to put the slides behind the login of a "social"-or probably more asocial network when you like to read them offline in a reasonable quality.

Maybe it's because there is a YouTube video in one of the slides.

**Adarion** · 17 June 2018, 12:40 PM

Originally posted by oooverclocker View Post

Thank you Gavin and Michael! This is very interesting and understandable information is hard to find.

Edit: But what surprises me a lot is to put the slides behind the login of a "social"-or probably more asocial network when you like to read them offline in a reasonable quality. I would consider much different behavior of someone who is working in an open source environment.

Yes, slideshare sucks, they try to force you to have an account if you want to read the pdf offline (log in via ... something).

**kripteks** · 17 June 2018, 03:21 PM

For people read 77 page

I have this:

Code:

# grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline, IBPB, IBRS_FW

I am vulnerable ?

**numacross** · 17 June 2018, 03:30 PM

Originally posted by kripteks View Post

For people read 77 page

I have this:

Code:

# grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline, IBPB, IBRS_FW

I am vulnerable ?

You need new microcode for full mitigation of v4. Others are good.

**mulenmar** · 17 June 2018, 03:47 PM

Putting scientific findings behind a paywall should be illegal, including computer science. >_>

**starshipeleven** · 17 June 2018, 03:58 PM

Originally posted by mulenmar View Post

Putting scientific findings behind a paywall should be illegal, including computer science. >_>

I'm ok with it as long as it has affordable pricing. Someone has to pay for the research and/or the peer review.

For example you can find all sorts of insane bs on arxiv (not peer reviewed), and I'd rather not have to spend my time checking for bs when I'm looking for scientific info.

**kripteks** · 17 June 2018, 05:12 PM

Originally posted by numacross View Post

You need new microcode for full mitigation of v4. Others are good.

I have already 20180425 microcode, my cpu Coffee Lake gen 8
dmesg: microcode updated early to revision 0x84, date = 2018-01-21
using kernel 4.18-rc1

What i can ?
Flash motherboard is necessary ?

**gavinguo** · 17 June 2018, 07:07 PM

I'm sorry I didn't notice that to read the slide needs to log in to the slideshare.com.

This is the slide pdf for people to download:

404 Not Found

http://kernel.ubuntu.com/~gavinguo/spectre_v2/spectrev1v2v4-meltdownv3-gavin-guo.pdf

This is the page with the topic on 2018 Linux Conference, the slide can also be downloaded here:

https://lc32018.sched.com/event/ER9k/understanding-spectre-v2-and-how-the-vulnerability-impact-the-cloud-security-gavin-guo-canonical

This is the youtube video for people can understand Chinese:

主題分享：深入 Spectre V2 - VM 如何攻擊 Host？- (Gavin Guo)

主題分享：深入 Spectre V2 - VM 如何攻擊 Host？- (Gavin Guo)

https://www.youtube.com/watch?v=zYRI60uAwYc

Speaker: Gavin GuoLicense: CC-BYNotes: https://docs.google.com/document/d/1AdzhWGgZli6RtCgoNBrVKL7aISTsL7WKdoARReH7gnk/edit?usp=sharingEvent: https://www.fac...

We have a facebook club to discuss and share about the kernel materials, please join us:

Taiwan Linux Kernel Hackers

Taiwan Linux Kernel Hackers | Facebook

https://www.facebook.com/groups/twlinuxkernelhackers/

有鑑於 Linux Kernel 的高度複雜。本討論區提供從業人員，或有興趣的開發者以開放的心胸，盡興的交換知識，增長知識。由於 Facebook 的瀏覽模式，無法做很有系統的知識管理。為方便定期的整理，並有效率的討論技術細節，完整目錄見以下網頁: https://hackmd.io/c/Hkhqgrr1Z 社團設有mailing list group，請加入mailing list...

Announcement

A Complete Look At Spectre V1/V2/V4 & Meltdown

A Complete Look At Spectre V1/V2/V4 & Meltdown

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment