Re: Suggestion: âspectre_v2=offâ and ânoptiâ per default in "Intel Atom N270" case?
From: Christian KrÃger
Date: Wed May 23 2018 - 13:47:03 EST
Am 23.05.2018 um 19:07 schrieb Johannes Hirte:
On 2018 Mai 23, Pavel Machek wrote:
On Sat 2018-05-19 21:53:02, Christian KrÃger wrote:
Hi,
Since the old "in-order-execution" Intel CPUs like the Intel Atom N270
(known for being installed in many Netbooks and Nettops) are not sensitive
for "Meltdown" & "Spectre" , wouldn't it be a good idea to exclude these
anyway "weak" CPUs from the costly patches by default?
Browsing the web, I can "feel the difference" if the matching kernel options
are applied on such a device.
Can you also measure the difference? Placebo effect is hard to avoid.
But yes, we do not need to do workarounds on non-buggy machines...
Pavel
On my Atom N270 there doesn't seem to be any workaround active with
kernel 4.14.42:
localhost ~ # cat /sys/devices/system/cpu/vulnerabilities/*
Not affected
Not affected
Not affected
Christian, did you verified the mitigations are active on your system?
What kernels are affected?
$ uname -a
Linux user-device 3.13.0-143-generic #192-Ubuntu SMP Tue Feb 27 10:46:44
UTC 2018 i686 i686 i686 GNU/Linux
$ cat /sys/devices/system/cpu/vulnerabilities/*
Vulnerable
Mittigation: OSB (observable speculation barrier, Intel v6)
Mittigation: Full generic repoline
OK, so I've updated the OS on my (usually off-line) Netbook:
$ uname -a
Linux user-device 3.13.0-149-generic #199-Ubuntu SMP Thu May 17 10:12:57
UTC 2018 i686 i686 i686 GNU/Linux
$ cat /sys/devices/system/cpu/vulnerabilities/*
Not affected
Not affected
Not affected
Not affected
Conclusion:
Don't bother others before not checking the latest version. (Actually
this is the first time it made a difference... ).
Sorry for the noise and thanks for listening and all the great work!
Christian