FreeBSD mds mitigation.
Konstantin Belousov
kostikbel at gmail.com
Wed Jul 10 09:52:58 UTC 2019
On Wed, Jul 10, 2019 at 09:06:31AM +0200, damian at damianek.be wrote:
> Hello
>
> FreeBSD 11.2-RELEASE-p11
> CPU: Intel(R) Xeon(R) CPU E5-2640 v3 @ 2.60GHz (2594.05-MHz K8-class CPU)
>
> sysctl hw.mds_disable was set to 3 (Automatic VERW or Software selection),
> HT disabled in BIOS, and i install manually latest CPU microcode from
> https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/
>
> I wonder why hw.mds_disable_state shows
> hw.mds_disable_state: software Broadwell
> instead VERW?
>
> sysctl hw.mds_disable=1 causes hw.mds_disable_state: VERW
>
> These automatic selection works correctly?
No idea.
How did you installed the microcode ? Was it loaded ?
Show the dmesg output after the 'cpucontrol -e /dev/cpuctl0'.
More information about the freebsd-security
mailing list