[OpenPower-Firmware] security fixes for meltdown/spectre on P8

Sergey Kachkin s.kachkin at gmail.com
Fri Mar 2 05:45:58 AEDT 2018 

Hi Daniel,

thanks, so we have at least part of the fix since Dec'17.  Wondering if
there a big picture  of all necessary changes somewhere.

I went through release note but noted only some P9 changes, like below:
https://github.com/open-power/hostboot/commit/fcf7d0e3f5fe

Not sure if it ever related though.


regards,
Sergey

On Thu, Mar 1, 2018 at 8:13 PM, Daniel M Crowell <dcrowell at us.ibm.com>
wrote:

> The processor inits that are required for these fixes are out in github
> already.  The changes are part of the hostboot-binaries repo.
>
> This commit should have everything - https://github.com/open-power/
> hostboot-binaries/commit/fc2f7b939f340ba2e33382f6fcb9f908ad554186
>
> Note - I'm not commented on any skiboot-level changes that may be needed.
> I'm totally out of that conversation.
>
> --
> Dan Crowell
> Senior Software Engineer - Power Systems Enablement Firmware
> IBM Rochester: t/l 553-2987
> dcrowell at us.ibm.com
>
>
>
> From:        Sergey Kachkin <s.kachkin at gmail.com>
> To:        openpower-firmware at lists.ozlabs.org
> Cc:        obmc at yadro.com
> Date:        03/01/2018 09:46 AM
> Subject:        Re: [OpenPower-Firmware] security fixes for
> meltdown/spectre on P8
> Sent by:        "OpenPower-Firmware" <openpower-firmware-bounces+dcrowell=
> us.ibm.com at lists.ozlabs.org>
> ------------------------------
>
>
>
> Hi Stewart,
>
> We are building PNOR for our own P8 system and I'm cc'ing  the BMC-PNOR
> team.
> I've read that firmware to mitigate Spectre/Meltdown vulnerabilities have
> been released on S8*LC systems but situation with OpenPOWER is not clear
> yet.
>
> To be honest I'm not sure what code exactly IBM implemented on their
> machines but wondering if there any plans to contribute this code to
> OpenPOWER (if not already done)?
>
>
> thanks,
>
> regards,
> Sergey
> YADRO
> Engineer
>
> On Wed, Jan 31, 2018 at 4:36 PM, Sergey Kachkin <*s.kachkin at gmail.com*
> <s.kachkin at gmail.com>> wrote:
> Hi Team,
>
> from the published info i realised that both OS and FW patches are needed
> for CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 issues mitigation.
>
> Are there any plans/timeline for including related fixes into P8 PNOR?
>
> thanks,
>
>
> regards,
> Sergey
> _______________________________________________
> OpenPower-Firmware mailing list
> OpenPower-Firmware at lists.ozlabs.org
> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.
> ozlabs.org_listinfo_openpower-2Dfirmware&d=DwIGaQ&c=jf_
> iaSHvJObTbx-siA1ZOg&r=mCj3CQvqek9g0fdziO-GEHyU1m9T3SAh0ZPd5s_AGpo&m=
> X2enJEdH-l8_f_JYvU4H0-QcEVhVzx-E5VA81OM45wk&s=
> DK8ZNbg9TKKStlMMEnUkC6gr0sv9QE939UeBxBlHf5M&e=
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openpower-firmware/attachments/20180301/fe8db571/attachment-0001.html>

More information about the OpenPower-Firmware mailing list