dave_boo Posted January 29, 2018 Share Posted January 29, 2018 So, as you can see by the attached screenshot I'm on an older kernel. Has anyone been able to update to a newish kernel and had the proprietary nvidia driver install properly? I'm currently running the latest, 384.111, but when installing either from obs (a testing repo) or building my own, the results are the same...nothing good. Luckily I have snapper to revert back very quickly. I'd really like to have some protection against meltdown/spectre: dave_boo@linux-0xyx:~> cd /tmp/ dave_boo@linux-0xyx:/tmp> sudo wget https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.sh [sudo] password for root: --2018-01-29 00:41:39-- https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.sh Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 151.101.40.133 Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|151.101.40.133|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 57304 (56K) [text/plain] Saving to: ‘spectre-meltdown-checker.sh.1’ 100%[====================================================================================================================>] 57,304 --.-K/s in 0.1s 2018-01-29 00:41:39 (565 KB/s) - ‘spectre-meltdown-checker.sh.1’ saved [57304/57304] dave_boo@linux-0xyx:/tmp> sudo sh spectre-meltdown-checker.sh Spectre and Meltdown mitigation detection tool v0.32 Checking for vulnerabilities against running kernel Linux 4.4.103-36-default #1 SMP Wed Dec 13 14:10:37 UTC 2017 (8ffa695) x86_64 CPU is Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1' * Checking count of LFENCE opcodes in kernel: NO > STATUS: VULNERABLE (only 27 opcodes found, should be >= 70, heuristic to be improved when official patches become available) CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2' * Mitigation 1 * Hardware (CPU microcode) support for mitigation * The SPEC_CTRL MSR is available: NO * The SPEC_CTRL CPUID feature bit is set: NO * Kernel support for IBRS: NO * IBRS enabled for Kernel space: NO * IBRS enabled for User space: NO * Mitigation 2 * Kernel compiled with retpoline option: NO * Kernel compiled with a retpoline-aware compiler: NO > STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability) CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3' * Kernel supports Page Table Isolation (PTI): NO * PTI enabled and active: NO * Checking if we're running under Xen PV (64 bits): NO > STATUS: VULNERABLE (PTI is needed to mitigate the vulnerability) A false sense of security is worse than no security at all, see --disclaimer Link to comment Share on other sites More sharing options...
Guest StephenB Posted February 1, 2018 Share Posted February 1, 2018 Hey Dave, I have 3 Linux gamers with Nvidia. I have been using Nvidia drivers for a couple years. Every time the kernel updates I need to re-install the driver. Takes me 3 minutes or less. I keep the latest driver in a folder for just such a situation . When the desktop session refuses to start- I just Control +Alt + F1 into the shell (Control +Alt +F7 will get you back to desktop). Stop my display manager (In my case its sddm) go to the Nvidia driver in my folder and install it manually. (you may need build-essentials and a couple other things). 20 seconds to install, then I restart display manager (sudo service sddm start). No problems whats so ever, kind of annoying but my skills are limited to the above. Hope this helps. Also I am running KDE neon. If you use Luks full disk, you will need to edit grub to nomodeset and I delete splash quiet. Link to comment Share on other sites More sharing options...
dave_boo Posted February 1, 2018 Author Share Posted February 1, 2018 9 hours ago, StephenB said: Hey Dave, I have 3 Linux gamers with Nvidia. I have been using Nvidia drivers for a couple years. Every time the kernel updates I need to re-install the driver. Takes me 3 minutes or less. I keep the latest driver in a folder for just such a situation . When the desktop session refuses to start- I just Control +Alt + F1 into the shell (Control +Alt +F7 will get you back to desktop). Stop my display manager (In my case its sddm) go to the Nvidia driver in my folder and install it manually. (you may need build-essentials and a couple other things). 20 seconds to install, then I restart display manager (sudo service sddm start). No problems whats so ever, kind of annoying but my skills are limited to the above. Hope this helps. Also I am running KDE neon. If you use Luks full disk, you will need to edit grub to nomodeset and I delete splash quiet. From a terminal can you do a uname -a and report back? This will help me determine if you're on a much more recent kernel which is what I apparently didn't explain well enough. And from grub2 I choose the kernel that I want to boot with the arrow keys, push "e", and then add a "3" to the end of the boot options before installing the nvidia driver. This ensures that no display manager even thinks about loading. When done a "shutdown -r now" reboots the system. Link to comment Share on other sites More sharing options...
Guest StephenB Posted February 1, 2018 Share Posted February 1, 2018 4.13.0-32-generic #35~16.04.1-Ubuntu SMP Thu Jan 25 10:13:43 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.