Is there a fix for CVE-2023-31315 in the latest versions of SmartOS?

it sounds the fix is updated microcode, and I think the latest is 20240710 (AMD) and 20240910 (Intel)... which looks like it includes the fix, though may want to look for your specific model CPU to confirm

Looks like the fix is dependent on the specific cpu generation and model; some have not yet been released. amd.com/en/resources/product-security/bulletin/amd-sb-7014.html

These are the relevant bug numbers to the most recent microcode updates that we ship: illumos#16664 illumos#16396

The microcode updates are part of platform, not a package, right?

Correct.

thanks

We ship whatever is in illumos-gate.

thanks

Any of you try using a Coral TPU in a zone? coral.ai/products I want to setup frigate.video

Not natively, but you could use PPT with a little jiggering to pass it to a "supported OS" BHYVE guest.

PPT needs more than a little jiggering for right now, but it can be done.

it does look like all of the underlying software to talk to it is open source, so it would be possible (thought not sure how difficult -- always a key bit) to get at least the USB version to work via ugen and passing the device into a zone

(though if using bhye in a zone, you still I believe need to do PPT)

the m2 / pcie would require PPT

.... though one my house is (finally) done... I'll probably be looking into something like this to run in a zone on my home server....