Episode Details

We review Meltdown and Spectre responses from various BSD projects, show you how to run CentOS with bhyve, GhostBSD 11.1 is out, and we look at the case against the fork syscall.

This episode was brought to you by

Headlines

More Meltdown

• Much has been happened this week, but before we get into a status update of the various mitigations on the other BSDs, some important updates:

  • Intel has recalled the microcode update they issued on January 8th. It turns out this update can cause Haswell and Broadwell based systems to randomly reboot, with some frequency.
  • AMD has confirmed that its processors are vulnerable to both variants of Spectre, and the the fix for variant #2 will require a forthcoming microcode update, in addition to OS level mitigations
  • Fujitsu has provided a status report for most of its products, including SPARC hardware

• The Register of course has some commentary

If new code is needed, Intel will need to get it right: the company already faces numerous class action lawsuits. Data centre operators already scrambling to conduct unplanned maintenance will not be happy about the fix reducing stability.
AMD has said that operating system patches alone will address the Spectre bounds check bypass bug. Fixing Spectre’s branch target injection flaw will require firmware fixes that AMD has said will start to arrive for Ryzen and EPYC CPUs this week.
The Register has also asked other server vendors how they’re addressing the bugs. Oracle has patched its Linux, but has told us it has “No comment/statement on this as of now” in response to our query about its x86 systems, x86 cloud, Linux and Solaris on x86. The no comment regarding Linux is odd as fixes for Oracle Linux landed here on January 9th.
SPARC-using Fujitsu, meanwhile, has published advice (PDF) revealing how it will address the twin bugs in its servers and PCs, and also saying its SPARC systems are “under investigation”.

• Response from OpenBSD:

'Meltdown, aka "Dear Intel, you suck"'

• Theo de Raadt's response to Meltdown

• That time in 2007 when Theo talked about how Intel x86 had major design problems in their chips

• OpenBSD gets a Microcode updater

• Listen Now