Mitigating Spectre and Meltdown vulnerabilities in new and existing programs

Spectre and Meltdown vulnerabilities could allow untrusted programs to obtain unauthorized access to data as described in CVE-2017-5753, CVE-2017-5715, CVE-2017-5754, and CVE-2018-3639.

To determine whether to take mitigation actions, your system administrator must assess the risk that programs running on your system would intentionally try to read unauthorized data. Exploiting Spectre and Meltdown vulnerabilities requires a deliberate attack rather than an accidental program error. If you trust the providers of the programs that run on your system, and you have controls in place to prevent untrusted programs from being installed or created, you might choose not to take the mitigation actions. However, if you're unsure about trusting programs that run on your system, you might choose to take the mitigation actions.

The security level (system value QSECURITY) has no direct effect on Spectre and Meltdown vulnerabilities. However, if your system is running at a security level less than 40, users have more direct ways to gain unauthorized access to data.

Spectre and Meltdown vulnerabilities in new and existing programs can be mitigated. To enable Spectre and Meltdown mitigations for all subsequent creations and conversions of modules, programs, and service programs, the system administrator should do the following:
Note: Run-time performance may be affected if you choose to take these actions.
  1. Enter STRSST (Start SST) on an IBM® i command line and sign on.
  2. Select option 1 (Start a service tool).
  3. Select option 4 (Display/Alter/Dump).
  4. Select option 1 (Display/Alter storage).
  5. Select option 2 (Licensed Internal Code (LIC) data).
  6. Select option 14 (Advanced analysis).
  7. On the Select Advanced Analysis Command display, enter option 1 (Select) next to OXMITIGATIONS.
  8. On the Specify Advanced Analysis Options display, enter enable in the options field and press enter.
  9. The system will display the resulting mitigation setting, similar to the following:

                                  Display Formatted Data
                                                      Page/Line. . .       1
                                                      Columns. . . :  1 - 78
     Find . . . . . . . . . . .
     ....+....1....+....2....+....3....+....4....+....5....+....6....+....7
          DISPLAY/ALTER/DUMP
     Running macro: OXMITIGATIONS                    ENABLE
     System-Wide Translator Mitigation Controls
       OX level:   5
       Mitigations enabled

On the Specify Advanced Analysis Options display, in the options field you can also enter display, disable, or help.

After enabling mitigations, creating new objects (*PGM, *SRVPGM, or *MODULE object types) from source code will mitigate those objects for Spectre and Meltdown vulnerabilities.

To mitigate existing program objects do one of the following:
  • Create the programs again by compiling the source code.
  • Follow the conversion directions in the article Simple IBM i Program and Module Conversion.
  • Restore the programs, either after setting the Force conversion on restore (QFRCCVNRST) system value to 7 (All objects will be converted) or by specifying the parameter FRCOBJCVN(*YES *ALL) on the restore command (such as RST, RSTOBJ, RSTLIB, RSTLICPGM).
  • Use the Display Program (DSPPGM) or Display Service Program (DSPSRVPGM) command to see whether the program has all creation data (for ILE programs) or observable information (for OPM programs). If the program shows "All creation data *YES" or "Observable information *ALL", you can use the Change Program (CHGPGM) or Change Service Program (CHGSRVPGM) command with parameter FRCCRT(*YES) to force the program to be created again.
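The last option above, applied to a whole library, as an added CL example that is not part of the IBM page: it lists every *PGM and *SRVPGM object in a library and forces each one to be created again with CHGPGM or CHGSRVPGM FRCCRT(*YES). The library name, the QTEMP/PGMLIST work file and the &MSG variable are assumptions; the program expects that OXMITIGATIONS has already been enabled, and an object without all creation data is reported rather than stopping the loop.

```cl
/* Constructed example, not from the IBM page: re-create every program and */
/* service program in one library so that each picks up the Spectre and    */
/* Meltdown translator mitigations. Run only after OXMITIGATIONS = enable.  */
             PGM        PARM(&LIB)
             DCL        VAR(&LIB) TYPE(*CHAR) LEN(10)
             DCL        VAR(&MSG) TYPE(*CHAR) LEN(80)
             /* QADSPOBJ is the model file for DSPOBJD output */
             DCLF       FILE(QSYS/QADSPOBJ)

             /* List the *PGM and *SRVPGM objects into a work file in QTEMP */
             DSPOBJD    OBJ(&LIB/*ALL) OBJTYPE(*PGM *SRVPGM) +
                          OUTPUT(*OUTFILE) OUTFILE(QTEMP/PGMLIST)
             OVRDBF     FILE(QADSPOBJ) TOFILE(QTEMP/PGMLIST)

 NEXT:       RCVF
             /* CPF0864 = end of file reached */
             MONMSG     MSGID(CPF0864) EXEC(GOTO CMDLBL(DONE))

             CHGVAR     VAR(&MSG) VALUE('Not re-created (creation data +
                          missing?): ' *CAT &ODLBNM *TCAT '/' *CAT &ODOBNM)

             IF         COND(&ODOBTP *EQ '*PGM') THEN(DO)
               /* ILE or OPM program: force creation again */
               CHGPGM     PGM(&ODLBNM/&ODOBNM) FRCCRT(*YES)
               MONMSG     MSGID(CPF0000) EXEC(SNDPGMMSG MSG(&MSG) +
                            TOPGMQ(*EXT))
             ENDDO

             IF         COND(&ODOBTP *EQ '*SRVPGM') THEN(DO)
               /* Service program: same idea with CHGSRVPGM */
               CHGSRVPGM  SRVPGM(&ODLBNM/&ODOBNM) FRCCRT(*YES)
               MONMSG     MSGID(CPF0000) EXEC(SNDPGMMSG MSG(&MSG) +
                            TOPGMQ(*EXT))
             ENDDO

             GOTO       CMDLBL(NEXT)

 DONE:       DLTOVR     FILE(QADSPOBJ)
             ENDPGM
```

Objects reported as not re-created still need one of the other routes above (recompiling from source, or a restore with FRCOBJCVN(*YES *ALL)).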

Additionally, if you expect that untrusted programs might be restored in the future, the system administrator can set the QFRCCVNRST system value to 7 (All objects will be converted) so that programs will be converted with mitigations during restore.

The OXMITIGATIONS setting is retained if the Licensed Internal Code is upgraded or replaced using an option that does not remove data from your system. If the Licensed Internal Code is installed using an option that removes all data from your system, you will need to set the OXMITIGATIONS setting again.