Word back was that the updates were coming, but not officially released or validated yet.
Michael Stumpf Storage, Embedded Management Dell EMC | PowerEdge Portfolio Sys Engr From: poweredgec-tools-bounces On Behalf Of Stumpf, Michael Sent: Monday, April 09, 2018 3:58 PM To: [email protected]; poweredgec-tools <[email protected]> Subject: Re: [Poweredgec-tools] any further BIOS updates for C6145? Actually, I was digging around a bit and found my improved version that offers more granular view of the kernel flags, because in some cases I found they were not all moving in lock-step. In any case, be sure to check in /sys/kernel/debug/x86/ to verify all of these flags are present. If your kernel doesn't have the patch, they won't be there. #!/bin/bash if [ $# -lt 1 ] ; then printf "\n" printf "Spectre/Meltdown enable/disable tool\n" printf "\n" printf "usage:\n" printf "\n" printf " spectre_meltdown protect|unprotect|status|verbose_status\n" printf "\n" printf "\n" printf "\n" printf "\n" exit 1 fi ARG=$1 if [ $ARG == "protect" ] ; then echo Protecting... echo 1 > /sys/kernel/debug/x86/pti_enabled echo 1 > /sys/kernel/debug/x86/ibpb_enabled echo 1 > /sys/kernel/debug/x86/ibrs_enabled exit 0 fi if [ $ARG == "unprotect" ] ; then echo Unprotecting... echo 0 > /sys/kernel/debug/x86/pti_enabled echo 0 > /sys/kernel/debug/x86/ibpb_enabled echo 0 > /sys/kernel/debug/x86/ibrs_enabled exit 0 fi if [ $ARG == "status" ] ; then PTI=`cat /sys/kernel/debug/x86/pti_enabled 2>/dev/null` IBPB=`cat /sys/kernel/debug/x86/ibpb_enabled 2>/dev/null` IBRS=`cat /sys/kernel/debug/x86/ibrs_enabled 2>/dev/null` STATUS="unprotected" if [[ ( "$PTI" == "1" ) && ( "$IBPB" == "1" ) && ( "$IBRS" == "1" ) ]] ; then STATUS="protected" fi printf "%s\n" "$STATUS" exit 0 fi if [ $ARG == "verbose_status" ] ; then PTI=`cat /sys/kernel/debug/x86/pti_enabled 2>/dev/null` IBPB=`cat /sys/kernel/debug/x86/ibpb_enabled 2>/dev/null` IBRS=`cat /sys/kernel/debug/x86/ibrs_enabled 2>/dev/null` PTI_TXT="unprotected"; IBPB_TXT="unprotected"; IBRS_TXT="unprotected"; if [[ ( "$PTI" == "1" ) ]] ; then PTI_TXT="protected"; fi if [[ ( "$IBPB" == "1" ) ]] ; then IBPB_TXT="protected"; fi if [[ ( "$IBRS" == "1" ) ]] ; then IBRS_TXT="protected"; fi printf "%6s enabled: %s --> %s\n" "pti" "$PTI" "$PTI_TXT" printf "%6s enabled: %s --> %s\n" "ibpb" "$IBPB" "$IBPB_TXT" printf "%6s enabled: %s --> %s\n" "ibrs" "$IBRS" "$IBRS_TXT" exit 0 fi echo Invalid argument. exit 1 Michael Stumpf Storage, Embedded Management Dell EMC | PowerEdge Portfolio Sys Engr From: Stumpf, Michael Sent: Monday, April 09, 2018 3:37 PM To: 'Nigel Williams' <[email protected]<mailto:[email protected]>>; poweredgec-tools <[email protected]<mailto:[email protected]>> Subject: RE: any further BIOS updates for C6145? good question, I started poking around about this. I know I read that AMD may not have been affected as much (or at all). Have you tried applying the OS patches & checking? I haven't spent a lot of time at this save one quick benchmark, but I did toss together quickly this bash tool to report "protected or not", and used RHEL 7.4. #!/bin/bash if [ $# -lt 1 ] ; then printf "\n" printf "Spectre/Meltdown enable/disable tool\n" printf "\n" printf "usage:\n" printf "\n" printf " spectre_meltdown protect|unprotect|status\n" printf "\n" printf "\n" printf "\n" printf "\n" exit 1 fi ARG=$1 if [ $ARG == "protect" ] ; then echo Protecting... echo 1 > /sys/kernel/debug/x86/pti_enabled echo 1 > /sys/kernel/debug/x86/ibpb_enabled echo 1 > /sys/kernel/debug/x86/ibrs_enabled exit 0 fi if [ $ARG == "unprotect" ] ; then echo Unprotecting... echo 0 > /sys/kernel/debug/x86/pti_enabled echo 0 > /sys/kernel/debug/x86/ibpb_enabled echo 0 > /sys/kernel/debug/x86/ibrs_enabled exit 0 fi if [ $ARG == "status" ] ; then PTI=`cat /sys/kernel/debug/x86/pti_enabled 2>/dev/null` IBPB=`cat /sys/kernel/debug/x86/ibpb_enabled 2>/dev/null` IBRS=`cat /sys/kernel/debug/x86/ibrs_enabled 2>/dev/null` STATUS="unprotected" if [[ ( "$PTI" == "1" ) && ( "$IBPB" == "1" ) && ( "$IBRS" == "1" ) ]] ; then STATUS="protected" fi printf "%s\n" "$STATUS" exit 0 fi echo Invalid argument. exit 1 Michael Stumpf Storage, Embedded Management Dell EMC | PowerEdge Portfolio Sys Engr From: poweredgec-tools-bounces On Behalf Of Nigel Williams Sent: Sunday, April 08, 2018 10:27 PM To: poweredgec-tools <[email protected]<mailto:[email protected]>> Subject: [Poweredgec-tools] any further BIOS updates for C6145? Since the question came up on an internal chat (about updates for Spectre/Meltdown/etc) will the C6145 see any more firmware updates? thanks. University of Tasmania Electronic Communications Policy (December, 2014). This email is confidential, and is for the intended recipient only. Access, disclosure, copying, distribution, or reliance on any of it by anyone outside the intended recipient organisation is prohibited and may be a criminal offence. Please delete if obtained in error and email confirmation to the sender. The views expressed in this email are not necessarily the views of the University of Tasmania, unless clearly intended otherwise.
_______________________________________________ Poweredgec-tools mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/poweredgec-tools
