IT razno.

[skrstic]

CIA snajka CIA  

Kići su mi sve AMD procesori osim onog na tabletu. 

[Mikorist]

https://www.barrons.com/articles/intels-liability-could-be-bigger-than-pentium-bug-of-the-90s-says-bernstein-1514997291

 

Kući su mi sve Intel... A i serveri 

[zika]

  ...* Bionic update to v4.14.11 stable release (LP: #1741061)
    - tracing: Remove extra zeroing out of the ring buffer page
    - tracing: Fix possible double free on failure of allocating trace buffer
    - tracing: Fix crash when it fails to alloc ring buffer
    - x86/cpufeatures: Add X86_BUG_CPU_INSECURE
    - x86/mm/pti: Disable global pages if PAGE_TABLE_ISOLATION=y
    - x86/mm/pti: Prepare the x86/entry assembly code for entry/exit CR3 switching
    - x86/mm/pti: Add infrastructure for page table isolation
    - x86/pti: Add the pti= cmdline option and documentation
    - x86/mm/pti: Add mapping helper functions
    - x86/mm/pti: Allow NX poison to be set in p4d/pgd
    - x86/mm/pti: Allocate a separate user PGD
    - x86/mm/pti: Populate user PGD
    - x86/mm/pti: Add functions to clone kernel PMDs
    - x86/mm/pti: Force entry through trampoline when PTI active
    - x86/mm/pti: Share cpu_entry_area with user space page tables
    - x86/entry: Align entry text section to PMD boundary
    - x86/mm/pti: Share entry text PMD
    - x86/mm/pti: Map ESPFIX into user space
    - x86/cpu_entry_area: Add debugstore entries to cpu_entry_area
    - x86/events/intel/ds: Map debug buffers in cpu_entry_area
    - x86/mm/64: Make a full PGD-entry size hole in the memory map
    - x86/pti: Put the LDT in its own PGD if PTI is on
    - x86/pti: Map the vsyscall page if needed
    - x86/mm: Allow flushing for future ASID switches
    - x86/mm: Abstract switching CR3
    - x86/mm: Use/Fix PCID to optimize user/kernel switches
    - x86/mm: Optimize RESTORE_CR3
    - x86/mm: Use INVPCID for __native_flush_tlb_single()
    - x86/mm: Clarify the whole ASID/kernel PCID/user PCID naming
    - x86/dumpstack: Indicate in Oops whether PTI is configured and enabled
    - x86/mm/pti: Add Kconfig
    - x86/mm/dump_pagetables: Add page table directory to the debugfs VFS
      hierarchy
    - x86/mm/dump_pagetables: Check user space page table for WX pages
    - x86/mm/dump_pagetables: Allow dumping current pagetables...

4.15 je to, već, dobio...

Uz dobar FW i ostalo sve je to, ipak, odbranjivo, čak i pre zakrpa...

FUD je, uvek, prisutan...

[Mikorist]

Evo ga GURU se javio

Quote

Why is this all done without any configuration options?

A *competent* CPU engineer would fix this by making sure speculation
doesn't happen across protection domains. Maybe even a L1 I$ that is
keyed by CPL.

I think somebody inside of Intel needs to really take a long hard look
at their CPU's, and actually admit that they have issues instead of
writing PR blurbs that say that everything works as designed.

.. and that really means that all these mitigation patches should be
written with "not all CPU's are crap" in mind.

Or is Intel basically saying "we are committed to selling you shit
forever and ever, and never fixing anything"?

Because if that's the case, maybe we should start looking towards the
ARM64 people more.

Please talk to management. Because I really see exactly two possibibilities:

 - Intel never intends to fix anything

OR

 - these workarounds should have a way to disable them.

Which of the two is it?

                   Linus
 

 

https://lkml.org/lkml/2018/1/3/797

[skrstic]

Risk Assessment

Based on the analysis performed by this tool: This system is not vulnerable.

For more information refer to the INTEL-SA-00086 Detection Tool Guide or the Intel Security Advisory Intel-SA-00086 at the following link: https://www.intel.com/sa-00086-support

INTEL-SA-00086 Detection Tool

Application Version: 1.0.0.152
Scan date: 05.01.2018 16:47:57

[Zen Mod]

jbga , ja prop'o

ancient i3

 

[Mikorist]

12 minutes ago, skrstic said:

This system is not vulnerable.

 

A ti veruješ Intelu ? 

Pogledaj moj predhodni post šta kaže Linus  

 

33 minutes ago, Mikorist said:

I think somebody inside of Intel needs to really take a long hard look
at their CPU's, and actually admit that they have issues instead of
writing PR blurbs that say that everything works as designed.

 

[Mikorist]

a evo ga juče gde kaže da su ove zakrpe sviranje q..ca bez CPL

[zika]

Kao ne jednom do sada, uprkos svim izvrsnim odlukama, Linus svađom grdi i sebe jer je, recimo tako, odlukama koje je učinio nedavno kumovao ovome što se sada dešava. Jeste, prilika je da nije mogao videti šta je iza krivine ali... Njemu kapa dole ali to samo dokazuje da neke krivine ne mogu da predvide i najbolji vozači... Najčešće je najljući kada se ljuti na sebe..

[Mikorist]

Da . Zato sam u iskušenju da sam sebi hakujem BIOS. 

https://github.com/tuxuser/OzmosisBIOS

Ovo se ne preporučuje nikome jer može da ubije matična. Pogotovo ako nije dual BIOS.

Međutim moj jeste...

[Woland]

ajd za polupismene: treba li da flešujem bios, ako ima upgrade?

[Mikorist]

6 minutes ago, Woland said:

ajd za polupismene: treba li da flešujem bios, ako ima upgrade?

Ako ima upgrade. Za moju nema.

Ali zato mogu sam da ga modifikujem. Sa MMTOOL.  Plus da misli da je Mekintoš a ne PC. Kakav gods oćeš ROM 

[Woland]

ima nekakav od 19.12. odradih ga.. Lenovo Thinkpad 440p

[Mikorist]

ima Paju Patka da stavim za logo umesto American Megatrends

[NIXIE]

1 hour ago, Mikorist said:

ima Paju Patka da stavim za logo umesto American Megatrends

Ću kupim AMD Ryzen 3 za po  kući, valjda nisu puno lošiji od I5, osim što su dobrano jeftiniji.

[skrstic]

4 hours ago, Mikorist said:

A ti veruješ Intelu ? 

Pogledaj moj predhodni post šta kaže Linus  

Jel da se citiram il da ponovim CIA snajka NSA...

Pa jer stvarno misliš da nije INTEL-dizajnerski stavljeno da možeš svemu da pristupiš? Neko slučajno provalio ili vetovatnije neko iz sližbi objavio. Pa sve ide kroz intel serve. Ceo internet a preko njega sve komunikacije.

[Mikorist]

18 hours ago, zika said:

Njemu kapa dole ali to samo dokazuje da neke krivine ne mogu da predvide i najbolji vozači.

Ako on ne zna kako kernel radi i šta je potrebno da se pačuje onda ko drugi ?

(da ostavimo po strani njegov karakter - zna da bude nezgodan)

On i dalje tvrdi da je potreban CPL kako bi se sprečio Meltdown da čita JIT' iz JS iz web browsera...

A isti je princip na svim operativnim sistemima na low level nivou.

[Mikorist]

https://arstechnica.com/gadgets/2018/01/intel-faces-class-action-lawsuits-regarding-meltdown-and-spectre/

[Mikorist]

Evo u praksi posledice patchovanja Meltdowna na cloud serverima:

https://www.epicgames.com/fortnite/forums/news/announcements/132642-epic-services-stability-update

 

p.s

This is the right moment for Apple to consider Switch to AMD and ARM CPU’s

[Mikorist]

A evo zašto je Linus zapeo za  PCL - (The Performance Counter Library) 

SAD (patched): (RAW_DATA + ENCRYPT_DATA) > Processor > STORE_ENCRYPTED_DATA > Processor, then when requested, (DECRYPT_DATA + CHECK_DATA) > Processor > ERASE_DATA_FROM_RAM > Processor.

Svaki put,  procesovani podaci su veći i veći - izazivaju usporenje za 30 do 45%

PRE (without patch) : (RAW_DATA) > Processor > ENCRYPT_DATA > Processor > STORE_DATA > Processor, then when requested, DECRYPT_DATA > Processor > CHECK_DATA > Processor > ERASE_DATA > Processor. 

[Zen Mod]

nas server AMD ?

 

[D i g i t a L]

Ma jok Intele.

Kako rade reklo bi se da je stariji od shesnes godina,tako da nema zime za pinkgvine - nej se istopi.

Pozdrav za majstor Miko ot Digital sa Maljen planinu.