Merge pull request #9919 from geekpi/new

translated

sources/tech/20180815 How the L1 Terminal Fault vulnerability affects Linux systems.md

@@ -1,55 +0,0 @@
-translating---geekpi
-
-How the L1 Terminal Fault vulnerability affects Linux systems
-======
-
-![](https://images.idgesg.net/images/article/2018/08/l1tf-copy-100768129-large.jpg)
-
-Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or “L1 Terminal Fault” is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?
-
-### L1TF, L1 Terminal Fault, and Foreshadow
-
-The processor vulnerability goes by L1TF, L1 Terminal Fault, and Foreshadow. Researchers who discovered the problem back in January and reported it to Intel called it "Foreshadow". It is similar to vulnerabilities discovered in the past (such as Spectre).
-
-This vulnerability is Intel-specific. Other processors are not affected. And like some other vulnerabilities, it exists because of design choices that were implemented to optimize kernel processing speed but exposed data in ways that allowed access by other processes.
-
-**[ Read also:[22 essential Linux security commands][1] ]**
-
-Three CVEs have been assigned to this issue:
-
-  * CVE-2018-3615 for Intel Software Guard Extensions (Intel SGX)
-  * CVE-2018-3620 for operating systems and System Management Mode (SMM)
-  * CVE-2018-3646 for impacts to virtualization
-
-
-
-An Intel spokesman made this statement regarding this issue: _" L1 Terminal Fault is addressed by microcode updates released earlier this year, coupled with corresponding updates to operating system and hypervisor software that are available starting today. We’ve provided more information on our web site and continue to encourage everyone to keep their systems up-to-date, as it's one of the best ways to stay protected. We’d like to extend our thanks to the researchers at imec-DistriNet, KU Leuven, Technion- Israel Institute of Technology, University of Michigan, University of Adelaide and Data61 and our industry partners for their collaboration in helping us identify and address this issue."_
-
-### Does L1TF affect your Linux system?
-
-The short answer is "probably not." You should be safe if you’ve patched your system since the earlier [Spectre and Meltdown vulnerabilities][2] were exposed back in January. As with Spectre and Meltdown, Intel claims that no real-world cases of systems being affected have been reported or detected. They also have said that the changes are unlikely to incur noticeable performance hits on individual systems, but they might represent significant performance hits for data centers using virtualized operating systems.
-
-Even so, frequent patches are always recommended. To check your current kernel level, use the **uname -r** command:
-```
-$ uname -r
-4.18.0-041800-generic
-
-```
-
-
---------------------------------------------------------------------------------
-
-via: https://www.networkworld.com/article/3298157/linux/linux-and-l1tf.html
-
-作者：[Sandra Henry-Stocker][a]
-选题：[lujun9972](https://github.com/lujun9972)
-译者：[译者ID](https://github.com/译者ID)
-校对：[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
-
-[a]:https://www.networkworld.com/author/Sandra-Henry_Stocker/
-[1]:https://www.networkworld.com/article/3272286/open-source-tools/22-essential-security-commands-for-linux.html
-[2]:https://www.networkworld.com/article/3245813/security/meltdown-and-spectre-exploits-cutting-through-the-fud.html
-[3]:https://www.facebook.com/NetworkWorld/
-[4]:https://www.linkedin.com/company/network-world

translated/tech/20180815 How the L1 Terminal Fault vulnerability affects Linux systems.md

@@ -0,0 +1,53 @@
+L1 终端错误漏洞如何影响 Linux 系统
+======
+
+![](https://images.idgesg.net/images/article/2018/08/l1tf-copy-100768129-large.jpg)
+
+昨天在英特尔、微软和红帽的安全建议中宣布，一个新发现的漏洞英特尔处理器（还有 Linux）的漏洞称为 L1TF 或 “L1 Terminal Fault”，引起了 Linux 用户和管理员的注意。究竟什么是这个漏洞，谁应该担心它？
+
+### 1TF、 L1 Terminal Fault 和 Foreshadow
+
+处理器漏洞由 L1TF、L1 Terminal Fault 和 Foreshadow 组成。研究人员在 1 月份发现了这个问题并向英特尔报告称其为 “Foreshadow”。它类似于过去发现的漏洞（例如 Spectre）。
+
+此漏洞是特定于 Intel 的。其他处理器不受影响。与其他一些漏洞一样，它之所以存在，是因为设计时为了优化内核处理速度，但允许其他进程访问数据。
+
+**[另请阅读：[22 个必要的 Linux 安全命令][1]]**
+
+已为此问题分配了三个 CVE：
+
+  * CVE-2018-3615：英特尔软件保护扩展（英特尔 SGX）
+  * CVE-2018-3620：操作系统和系统管理模式（SMM）
+  * CVE-2018-3646：虚拟化的影响
+
+
+
+英特尔发言人就此问题发表了这一声明：_“L1 Terminal Fault 通过今年早些时候发布的微代码更新得到解决，再加上从今天开始提供的操作系统和虚拟机管理程序软件的相应更新。我们在网上提供了更多信息，并继续鼓励每个人更新系统，因为这是受到保护的最佳方式之一。我们要感谢 imec-DistriNet、KU Leuven、以色列理工学院，密歇根大学，阿德莱德大学和 Data61 的研究人员以及我们的行业合作伙伴，他们帮助我们识别和解决了这个问题。“_
+
+### L1TF 会影响你的 Linux 系统吗？
+
+简短的回答是“可能不会”。如果你因为在今年 1 月爆出的[ Spectre 和 Meltdown 漏洞][2]修补过系统，那你应该是安全的。与 Spectre 和 Meltdown 一样，英特尔声称真实世界中还没有系统受到影响的报告或者检测到。他们还表示，这些变化不太可能在单个系统上产生明显的性能影响，但它们可能对使用虚拟化操作系统的数据中心产生大的影响。
+
+即使如此，仍然推荐频繁地打补丁。要检查你当前的内核版本，使用 **uname -r** 命令：
+```
+$ uname -r
+4.18.0-041800-generic
+
+```
+
+
+--------------------------------------------------------------------------------
+
+via: https://www.networkworld.com/article/3298157/linux/linux-and-l1tf.html
+
+作者：[Sandra Henry-Stocker][a]
+选题：[lujun9972](https://github.com/lujun9972)
+译者：[geekpi](https://github.com/geekpi)
+校对：[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:https://www.networkworld.com/author/Sandra-Henry_Stocker/
+[1]:https://www.networkworld.com/article/3272286/open-source-tools/22-essential-security-commands-for-linux.html
+[2]:https://www.networkworld.com/article/3245813/security/meltdown-and-spectre-exploits-cutting-through-the-fud.html
+[3]:https://www.facebook.com/NetworkWorld/
+[4]:https://www.linkedin.com/company/network-world