File:
[NetBSD Developer Wiki] /
wikisrc /
security /
meltdown_spectre.mdwn
Revision
1.18:
download - view:
text,
annotated -
select for diffs
Fri Mar 16 10:08:00 2018 UTC (5 years ago) by
maxv
Branches:
MAIN
CVS tags:
HEAD
Remove the "NetBSD-6" column, and add a note to say that nothing will get
fixed in NetBSD-6.
So far there have been no fixes committed by anyone for the !x86 ports,
and realistically even if someone were to commit them right now they would
require testing and too much effort to be backported as far as NetBSD-6.
1: [[!meta title="Meltdown and Spectre Status Page"]]
2:
3: Status of the Fixes
4: -------------------
5:
6: NetBSD-6, and all the anterior releases, have no planned fixes.
7:
8: ## Spectre Variant 1
9:
10: [[!table data="""
11: Port |Vendor/Model |Spectre (V1) |NetBSD-7 |NetBSD-8 |NetBSD-current
12: amd64 |Intel |Vulnerable |Not fixed |Not fixed |Not fixed
13: amd64 |AMD |Vulnerable |Not fixed |Not fixed |Not fixed
14: amd64 |VIA |Unknown | | |
15: i386 |Intel |Vulnerable |Not fixed |Not fixed |Not fixed
16: i386 |AMD |Vulnerable |Not fixed |Not fixed |Not fixed
17: i386 |VIA |Unknown | | |
18: mips |MIPS P5600 |Vulnerable |Not fixed |Not fixed |Not fixed
19: mips |MIPS P6600 |Vulnerable |Not fixed |Not fixed |Not fixed
20: mips |Other Models |Not vulnerable | | |
21: ia64 |Intel |Not vulnerable | | |
22: riscv |(Spec.) |Not vulnerable | | |
23: """]]
24:
25: ## Spectre Variant 2
26:
27: [[!table data="""
28: Port |Vendor/Model |Spectre (V2) |NetBSD-7 |NetBSD-8 |NetBSD-current
29: amd64 |Intel |Vulnerable |Not fixed |Not fixed |Not fixed
30: amd64 |AMD |Vulnerable |Not fixed |Not fixed |Not fixed
31: amd64 |VIA |Unknown | | |
32: i386 |Intel |Vulnerable |Not fixed |Not fixed |Not fixed
33: i386 |AMD |Vulnerable |Not fixed |Not fixed |Not fixed
34: i386 |VIA |Unknown | | |
35: mips |MIPS P5600 |Vulnerable |Not fixed |Not fixed |Not fixed
36: mips |MIPS P6600 |Vulnerable |Not fixed |Not fixed |Not fixed
37: mips |Other Models |Not vulnerable | | |
38: ia64 |Intel |Not vulnerable | | |
39: riscv |(Spec.) |Not vulnerable | | |
40: """]]
41:
42: ## Meltdown
43:
44: [[!table data="""
45: Port |Vendor/Model |Meltdown (V3) |NetBSD-7 |NetBSD-8 |NetBSD-current
46: amd64 |Intel |Vulnerable |Not fixed |Not fixed |Fixed [MitigA]
47: amd64 |AMD |Not vulnerable | | |
48: amd64 |VIA |Unknown | | |
49: i386 |Intel |Vulnerable |Not fixed |Not fixed |Not fixed
50: i386 |AMD |Not vulnerable | | |
51: i386 |VIA |Unknown | | |
52: mips |MIPS P5600 |Not vulnerable | | |
53: mips |MIPS P6600 |Not vulnerable | | |
54: mips |Other Models |Not vulnerable | | |
55: ia64 |Intel |Not vulnerable | | |
56: riscv |(Spec.) |Not vulnerable | | |
57: """]]
58:
59: ## Mitigations
60:
61: ### Mitigation A: SVS
62:
63: Meltdown is mitigated with the SVS feature. It can be dynamically disabled
64: by changing the "machdep.svs.enabled" sysctl.
65:
66: ## External Resources
67:
68: * [MIPS Blog Post](https://www.mips.com/blog/mips-response-on-speculative-execution-and-side-channel-vulnerabilities/)
69: * [ARM Security Update](https://developer.arm.com/support/security-update)
70: * [RISC-V](https://riscv.org/2018/01/more-secure-world-risc-v-isa/)
71:
72: ## Notes
73:
74: * VIA Technologies did not issue any statement regarding their CPUs. It is not currently known whether they are affected.
75: * For Spectre Variant 2, neither Intel, nor AMD, has issued a stable microcode update.
76:
CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb
![[BACK]](/icons/back.gif){kind=icon}
Return to meltdown_spectre.mdwn CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [NetBSD Developer Wiki] / wikisrc / security