[OpenPower-Firmware] security fixes for meltdown/spectre on P8
Stewart Smith
stewart at linux.vnet.ibm.com
Mon Mar 5 10:54:50 AEDT 2018
Sergey Kachkin <s.kachkin at gmail.com> writes:
> We are building PNOR for our own P8 system and I'm cc'ing the BMC-PNOR
> team.
Ahh, cool.
> I've read that firmware to mitigate Spectre/Meltdown vulnerabilities have
> been released on S8*LC systems but situation with OpenPOWER is not clear
> yet.
We probably should have better process (err... *any* process) for these
kind of issues and the upstream firmware project (especially as the
number of companies making openpower systems increases).
We should probably work on this in the OpenPOWER Foundation System
Software workgroup, and make recommendations to the TSC and Board on
what the policy and procedures should be.
> To be honest I'm not sure what code exactly IBM implemented on their
> machines but wondering if there any plans to contribute this code to
> OpenPOWER (if not already done)?
As Dan mentioned, it should all be upstream now. For the IBM service
packs, we're based on some pretty weird old branches (which doesn't help
others too much). Going with the latest op-build release though
(currently v1.21) should get you everything you need.
(It'd be great if you could upstream your platform, as then it probably
would just be a recompile rather than a rebase for you).
--
Stewart Smith
OPAL Architect, IBM.
More information about the OpenPower-Firmware
mailing list