On Wed, 10 Jul 2019 12:52:47 +0300
Konstantin Belousov wrote:
> On Wed, Jul 10, 2019 at 09:06:31AM +0200, dam...@damianek.be wrote:
> > Hello
> >
> > FreeBSD 11.2-RELEASE-p11
> > CPU: Intel(R) Xeon(R) CPU E5-2640 v3 @ 2.60GHz (2594.05-MHz
> > K8-class CPU)
> >
> > sysctl hw.mds_disable was set
I’m sorry but if you really care about security you have to read the advisory
and stop assuming things.
For every complaint why this is disabled by default, there will 10 complaints
why it was enabled by default and broke things.
Having said this, I could see the benefit of reporting the fact t
Hello list. I am reading this page about FreeBSD security [
https://vez.mrsk.me/freebsd-defaults.html ] and it says the Intel MDS
mitigation is off by default. So I tried.
% sysctl hw.mds_disable_state
hw.mds_disable_state: inactive
Now I see the instructions in the advisory, but what about any
On Wed, Jul 10, 2019 at 09:06:31AM +0200, dam...@damianek.be wrote:
> Hello
>
> FreeBSD 11.2-RELEASE-p11
> CPU: Intel(R) Xeon(R) CPU E5-2640 v3 @ 2.60GHz (2594.05-MHz K8-class CPU)
>
> sysctl hw.mds_disable was set to 3 (Automatic VERW or Software selection),
> HT disabled in BIOS, and i install
Hello
FreeBSD 11.2-RELEASE-p11
CPU: Intel(R) Xeon(R) CPU E5-2640 v3 @ 2.60GHz (2594.05-MHz K8-class CPU)
sysctl hw.mds_disable was set to 3 (Automatic VERW or Software selection),
HT disabled in BIOS, and i install manually latest CPU microcode from
https://github.com/intel/Intel-Linux-Processor-
