Proxmox Node L1TF CPU bug present

D

danyal.hassan

Member
Aug 26, 2021
2
0
6
34
Hi I have few proxmox nodes including standalone and cluster-based some of them are showing this common error can anyone help me to understand what does it mean. is it an attack?


May 16 07:59:27 Node2 kernel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
May 16 07:59:27 Node2 kernel: FS-Cache: Loaded
May 16 07:59:28 Node2 kernel: FS-Cache: Netfs 'nfs' registered for caching
May 16 07:59:28 Node2 kernel: NFS: Registering the id_resolver key type
May 16 07:59:28 Node2 kernel: Key type id_resolver registered
May 16 07:59:28 Node2 kernel: Key type id_legacy registered




May 16 07:59:19 Node2 pve-guests[1428]: <root@pam> starting task UPID:Node2:00000595:00000745:********:startall::root@pam:
May 16 07:59:19 Node2 pve-guests[1428]: <root@pam> end task UPID:Node2:00000595:00000745:********:startall::root@pam: OK
 
The message is not about an attack in progress. A lot of CPUs are vulnerable to getting their memory contents read by hostile (external) processes because of speculative execution (especially when using SMT). L1TF is just one of those variants. The Linux kernel just reports on those hardware vulnerabilities. You can check for (some of the known) vulnerabilities and whether mitigations are in place using spectre-meltdown-checker (on the Proxmox host and on Linux VMs, I don't know about Windows or FreeBSD).
 
  • Like
Reactions: datschlatscher
But one thing is weird I found the same error simultaneously on multiple nodes and all of them were restarted or down and all VMs were also down is it also normal?
 
danyal.hassan said:
But one thing is weird I found the same error simultaneously on multiple nodes and all of them were restarted or down and all VMs were also down is it also normal?
Click to expand...
Whatever happened to your nodes, it is unlikely that it has anything to do with that warning.
danyal.hassan said:
May 16 07:59:27 Node2 kernel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
May 16 07:59:27 Node2 kernel: FS-Cache: Loaded
May 16 07:59:28 Node2 kernel: FS-Cache: Netfs 'nfs' registered for caching
May 16 07:59:28 Node2 kernel: NFS: Registering the id_resolver key type
May 16 07:59:28 Node2 kernel: Key type id_resolver registered
May 16 07:59:28 Node2 kernel: Key type id_legacy registered
May 16 07:59:19 Node2 pve-guests[1428]: <root@pam> starting task UPID:Node2:00000595:00000745:********:startall::root@pam:
May 16 07:59:19 Node2 pve-guests[1428]: <root@pam> end task UPID:Node2:00000595:00000745:********:startall::root@pam: OK
Click to expand...
I don't see any errors or problems in this part of your log. I think you need to look for other clues.
 
Did you ever find the issue? I just got access to a Dell R640 and can not start any VMs. This error is the only lead I have found...
 
You must log in or register to reply here.
Top Bottom