[kwlug-disc] Meltown fix for Linux kernel

Jeff Smith crankyoldbugger at gmail.com
Fri Jan 12 09:13:31 EST 2018 

There's a write-up on the recent Ubuntu updates in Full Circle and ZDNet:

https://fullcirclemagazine.org/2018/01/12/linux-vs-meltdown-ubuntu-gets-second-update-after-first-one-fails-to-boot/



________________________________
From: kwlug-disc <kwlug-disc-bounces at kwlug.org> on behalf of Bob Jonkman <bjonkman at sobac.com>
Sent: 11 January 2018 19:48
To: KWLUG discussion
Subject: Re: [kwlug-disc] Meltown fix for Linux kernel

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ubuntu is having its problems lately.  In December they had the BIOS
corruption bug on 17.10:

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1734147

I'm in the process of switching all our home computers to Debian
Testing and the servers to Debian Stable. Previously had a mixture of
Ubuntu 16.04, 14.04, Mint with Mate, Debian Jessie, and who knows what
else.  But I don't think it'll help avoid these latest kernel bugs...

- --Bob

On 2018-01-11 03:24 PM, doug moen wrote:
> The Ubuntu bug is here:
> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1742323
>
> The problem is that, after upgrading to kernel 4.4.0-108, some
> systems won't boot.
>
> Most people with this problem report that upgrading to 4.4.0-109
> (which is now in the Ubuntu repositories) fixes the problem.
>
> However, bug 1742323 is still open and being worked on (marked
> critical).
>
> On 10 January 2018 at 18:04, Khalid Baheyeldin <kb at 2bits.com>
> wrote:
>
>> And Ubuntu 16.04 users can't reboot the new kernel after applying
>> the fixes.
>>
>> Not a big deal if it is a desktop. If it is a dedicated server in
>> a data center, then it is downtime + support headaches.
>>
>> https://news.slashdot.org/story/18/01/10/1634215/
[https://a.fsdn.com/sd/topics/security_64.png]<https://news.slashdot.org/story/18/01/10/1634215/>

Meltdown and Spectre Patches Bricking Ubuntu 16.04 Computers - Slashdot<https://news.slashdot.org/story/18/01/10/1634215/>
news.slashdot.org
An anonymous reader writes: Ubuntu Xenial 16.04 users who updated to receive the Meltdown and Spectre patches are reporting they are unable to boot their systems and have been forced to roll back to an earlier Linux kernel image. The issues were reported by a large number of users on the Ubuntu foru...



>> meltdown-and-spectre-patches-bricking-ubuntu-1604-computers
>>
>> On Wed, Jan 10, 2018 at 9:24 AM, Khalid Baheyeldin <kb at 2bits.com>
>> wrote:
>>
>>> Wow, the differences are significant ...
>>>
>>> For a dedicated server, the fix for Meltdown is not really
>>> needed, since no one else is accessing RAM by exploiting the
>>> speculative execution.
>>>
>>> So I am thinking of pinning the kernel to what it is on those
>>> machines.
>>>
>>> But there are also headers, generic, ...etc.
>>>
>>> Anyone tried that?
>>>
>>>
>>>
>>> On Wed, Jan 10, 2018 at 8:31 AM, L.D. Paniak <
>>> ldpaniak at fourpisolutions.com> wrote:
>>>
>>>> Looks like you will see substantial performance impact for
>>>> I/O-heavy workloads (especially synthetic ones):
>>>>
>>>> https://www.phoronix.com/scan.php?page=news_item&px=KPTI-Ret
>>>> poline-Combined-Ubuntu
>>>>
>>>> The Apache server numbers are especially notable.
>>>>
>>>>
>>>>
>>>> On 01/09/2018 07:18 PM, doug moen wrote:
>>>>
>>>> According to what I read, the performance impact occurs if
>>>> you are hammering the kernel with a lot of system calls. Eg,
>>>> a server that is performing a lot of I/o.
>>>>
>>>> On Tuesday, 9 January 2018, Khalid Baheyeldin <kb at 2bits.com>
>>>> wrote:
>>>>
>>>>> I just received the email for the meltdown patch for Ubuntu
>>>>> Linux.
>>>>>
>>>>> CVE-2017-5754
>>>>>
>>>>> There are two concerns:
>>>>>
>>>>> 1. Performance impact.
>>>>>
>>>>> 2. This comment in the email:
>>>>>
>>>>> "ATTENTION: Due to an unavoidable ABI change the kernel
>>>>> updates have been given a new version number, which
>>>>> requires you to recompile and reinstall all third party
>>>>> kernel modules you might have installed. Unless you
>>>>> manually uninstalled the standard kernel metapackages (e.g.
>>>>> linux-generic, linux-generic-lts-RELEASE, linux-virtual,
>>>>> linux-powerpc), a standard system upgrade will
>>>>> automatically perform this as well."
>>>>>
>>>>> Anyone updated to this fix yet? Any noticeable negative
>>>>> impact on performance?
>>>>>
>>>>> -- Khalid M. Baheyeldin 2bits.com, Inc. Fast Reliable
>>>>> Drupal Drupal optimization, development, customization and
>>>>> consulting. Simplicity is prerequisite for reliability. --
>>>>> Edsger W.Dijkstra Simplicity is the ultimate
>>>>> sophistication. --   Leonardo da Vinci For every complex
>>>>> problem, there is an answer that is clear, simple, and
>>>>> wrong." -- H.L. Mencken
>>>>>
>>>>
>>>>
>>>> _______________________________________________ kwlug-disc
>>>> mailing
>>>> listkwlug-disc at kwlug.orghttp://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>>>>
>>>>
>>>>
>>>>
>>>>
_______________________________________________
>>>> kwlug-disc mailing list kwlug-disc at kwlug.org
>>>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>>>>
>>>>
>>>
>>>
>>> -- Khalid M. Baheyeldin 2bits.com, Inc. Fast Reliable Drupal
>>> Drupal optimization, development, customization and
>>> consulting. Simplicity is prerequisite for reliability. --
>>> Edsger W.Dijkstra Simplicity is the ultimate sophistication. --
>>> Leonardo da Vinci For every complex problem, there is an answer
>>> that is clear, simple, and wrong." -- H.L. Mencken
>>>
>>
>>
>>
>> -- Khalid M. Baheyeldin 2bits.com, Inc. Fast Reliable Drupal
>> Drupal optimization, development, customization and consulting.
>> Simplicity is prerequisite for reliability. --  Edsger
>> W.Dijkstra Simplicity is the ultimate sophistication. --
>> Leonardo da Vinci For every complex problem, there is an answer
>> that is clear, simple, and wrong." -- H.L. Mencken
>>
>> _______________________________________________ kwlug-disc
>> mailing list kwlug-disc at kwlug.org
>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>>
>>
>
>
>
> _______________________________________________ kwlug-disc mailing
> list kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>

- --
Bob Jonkman <bjonkman at sobac.com>          Phone: +1-519-635-9413
SOBAC Microcomputer Services             http://sobac.com/sobac/
SOBAC Microcomputer Services<http://sobac.com/sobac/>
sobac.com
^About SOBAC Microcomputer Services. SOBAC Microcomputer Services was founded in 1987 by Bob Jonkman and incorporated as 987213 ONTARIO INC. in 1992.



Software   ---   Office & Business Automation   ---   Consulting
GnuPG Fngrprnt:04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Ensure confidentiality, authenticity, non-repudiability

iEYEARECAAYFAlpYBccACgkQuRKJsNLM5eogVQCg2PAO3Ai7dBI6aXMgwTNl0mbu
GsQAoLUYAn+1f9kRTc2qutr2qqkMtgZS
=IaHA
-----END PGP SIGNATURE-----

_______________________________________________
kwlug-disc mailing list
kwlug-disc at kwlug.org
http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180112/1bc977d0/attachment.htm>

More information about the kwlug-disc mailing list