Protecting your 5105-22E, 9008-22L, 9009-22A, 9009-22G, 9009-41A, 9009-41G, 9009-42A, 9009-42G, 9223-22H, 9223-22S, 9223-42H, and 9223-42S servers against “Spectre” and “Meltdown”

Protect your 5105-22E, 9008-22L, 9009-22A, 9009-22G, 9009-41A, 9009-41G, 9009-42A, 9009-42G, 9223-22H, 9223-22S, 9223-42H, and 9223-42S servers from “Spectre” and “Meltdown” vulnerabilities.

Introduction

Three security vulnerabilities that allow unauthorized users to bypass the hardware barrier between applications and kernel memory are available public. These vulnerabilities use speculative execution to execute side-channel information disclosure attacks.

The first two vulnerabilities, CVE-2017-5753 and CVE-2017- 5715 (collectively known as Spectre) allow user-level code to infer data from unauthorized memory.

The third vulnerability, CVE-2017-5754 (known as Meltdown), allows user-level code to infer the contents of kernel memory. The vulnerabilities are all variants of the same class of attacks but differ in the way that speculative execution might be used.

While these vulnerabilities do not allow an external unauthorized party to gain access to a machine, they might allow a party with access to a system to access unauthorized data.

Since the customer-specific operating environments, including system (including use of Power® Hypervisor) application, and operating systems are varied, POWER9™ systems (5105-22E, 9008-22L, 9009-22A, 9009-22G, 9009-41A, 9009-41G, 9009-42A, 9009-42G, 9223-22H, 9223-22S, 9223-42H, and 9223-42S) provide the option for customers to control speculative execution at a system level, to meet their individual security standards.

Options for speculative execution control on 9008-22L, 9009-22A, 9009-41A, 9009-42A, 9223-22H, and 9223-42H systems are as follows.
  1. Speculative execution controls to mitigate user-to-kernel and user-to-user side-channel attacks
  2. Speculative execution controls to mitigate user-to-kernel side-channel attacks
  3. Speculative execution fully enabled
Options for speculative execution control on 5105-22E, 9009-22G, 9009-41G, 9009-42G, 9223-42S, and 9223-22S systems are as follows.
  1. Speculative execution controls to mitigate user-to-kernel and user-to-user side-channel attacks
  2. Speculative execution fully enabled

Speculative execution controls to mitigate user-to-kernel and user-to-user side-channel attacks

This mode is designed for systems that need to mitigate exposures of the hypervisor, operating systems, and user application data to untrusted code. For the 5105-22E, 9008-22L, 9009-22A, 9009-22G, 9009-41A, 9009-41G, 9009-42A, 9009-42G, 9223-22S and 9223-42S models this mode is set as the default.

Speculative execution controls to mitigate user-to-kernel side-channel attacks

This mode is designed for systems that need to mitigate against the threat of lower privileged code accessing operating system secrets as described in CVE-2017-5753, CVE-2017- 5715, and CVE-2017-5754. For the 9223-22H, 9223-42H models this mode is set as the default.
Note: Enabling this option can expose any user-accessible data in the system to CVE-2017-5753, CVE-2017- 5715, and CVE-2017-5754. This includes any partitions that are migrated (using Live Partition Mobility) to this system.

Speculative execution fully enabled

This optional mode is designed for systems where the hypervisor, operating system, and applications can be fully trusted.
Note: Enabling this option could expose the system to CVE-2017-5753, CVE-2017- 5715, and CVE-2017-5754. This includes any partitions that are migrated (by using Live Partition Mobility) to this system.

Accessing speculative execution control options

Speculative execution control options can be accessed using the Advanced Systems Management Interface (ASMI) menu under System Configuration > Speculative Execution Control. This setting can be changed when the system is in powered off state.