Re: [gentoo-user] microcode applied?

2018-01-09 Thread Rich Freeman
On Tue, Jan 9, 2018 at 4:26 AM, Wols Lists wrote: > On 08/01/18 13:52, Rich Freeman wrote: >> There is also a lot of discussion on lkml about the right fix. We >> might very well end up seeing both AMD- and Intel-specific fixes with >> conditional logic. The two

Re: [gentoo-user] microcode applied?

2018-01-09 Thread Adam Carter
> > Hopefully there's an equivalent for AMD. > Here's what I came up with. This is very hacky and unreliable, but get the CPUID with; cpuid -r | grep "0x0001 0x00" | awk '{ print $3}' | uniq | cut -d x -f 3 then grab MCE (thanks Max for the suggestion) from

Re: [gentoo-user] microcode applied?

2018-01-09 Thread Peter Humphrey
On Tuesday, 9 January 2018 07:31:35 GMT Mick wrote: > On Tuesday, 9 January 2018 00:15:03 GMT Peter Humphrey wrote: > > On Monday, 8 January 2018 10:29:41 GMT Max Zettlmeißl wrote: > > > > How do you build the microcode into the kernel? The only > > > > place I can see to do that in menuconfig is

Re: [gentoo-user] microcode applied?

2018-01-09 Thread Wols Lists
On 08/01/18 13:52, Rich Freeman wrote: > There is also a lot of discussion on lkml about the right fix. We > might very well end up seeing both AMD- and Intel-specific fixes with > conditional logic. The two vendors don't really seem to be > coordinating on this. Intel is pushing patches that

Re: [gentoo-user] microcode applied?

2018-01-09 Thread Jorge Almeida
On Tue, Jan 9, 2018 at 12:15 AM, Peter Humphrey wrote: > On Monday, 8 January 2018 10:29:41 GMT Max Zettlmeißl wrote: >> > How do you build the microcode into the kernel? The only >> > place I can see to do that in menuconfig is under Device Drivers; >> > there's no such

Re: [gentoo-user] microcode applied?

2018-01-09 Thread Adam Carter
> > > The Device Drivers section is exactly where the microcode is included. > > CONFIG_EXTRA_FIRMWARE is the relevant symbol. > > Right. So which of the 95 files under /lib/firmware/intel-ucode do I > specify? That's in addition to the 14 files I have for my amdgpu. > > For intel; iucode_tool -L

Re: [gentoo-user] microcode applied?

2018-01-09 Thread Neil Bothwick
On Tue, 09 Jan 2018 00:15:03 +, Peter Humphrey wrote: > > > How do you build the microcode into the kernel? The only > > > place I can see to do that in menuconfig is under Device Drivers; > > > there's no such field under Firmware. > > > > The Device Drivers section is exactly where the

Re: [gentoo-user] microcode applied?

2018-01-08 Thread Mick
On Tuesday, 9 January 2018 00:15:03 GMT Peter Humphrey wrote: > On Monday, 8 January 2018 10:29:41 GMT Max Zettlmeißl wrote: > > > How do you build the microcode into the kernel? The only > > > place I can see to do that in menuconfig is under Device Drivers; > > > there's no such field under

Re: [gentoo-user] microcode applied?

2018-01-08 Thread Rich Freeman
On Sun, Jan 7, 2018 at 11:42 PM, wrote: > You really can't fix it completely in > software on either brand, at best you are counting on code to protect code > from a hardware on intel, and more mild but still dangerous design issues > on both. As far as I

Re: [gentoo-user] microcode applied?

2018-01-08 Thread Corbin Bird
On 01/07/2018 09:24 PM, Adam Carter wrote: > Does the absence of a "microcode updated" message in dmesg imply that > the microcode was not updated? > > I believe my fam10/barcelona AMD CPU will use > amd-ucode/microcode_amd.bin but there's no update message. > > I've checked the config against

Re: [gentoo-user] microcode applied?

2018-01-08 Thread Peter Humphrey
On Monday, 8 January 2018 10:29:41 GMT Max Zettlmeißl wrote: > > How do you build the microcode into the kernel? The only > > place I can see to do that in menuconfig is under Device Drivers; > > there's no such field under Firmware. > > The Device Drivers section is exactly where the microcode

Re: [gentoo-user] microcode applied?

2018-01-08 Thread Mick
On Monday, 8 January 2018 09:05:02 GMT Max Zettlmeißl wrote: > It seems like there are no microcode updates for your specific CPU > bundled in linux-firmware. Only two out of three Intel boxen here report an early update of microcode in dmesg. Even when they do, it is not certain the latest

Re: [gentoo-user] microcode applied?

2018-01-08 Thread Adam Carter
On Mon, Jan 8, 2018 at 9:14 PM, Peter Humphrey wrote: > On Monday, 8 January 2018 04:55:58 GMT Max Zettlmeißl wrote: > > > You can either use an initrd or build the microcode into your kernel > > image. I prefer the latter. > > I'm confused now. How do you build the

Re: [gentoo-user] microcode applied?

2018-01-08 Thread Max Zettlmeißl
> How do you build the microcode into the kernel? The only > place I can see to do that in menuconfig is under Device Drivers; there's no > such field under Firmware. The Device Drivers section is exactly where the microcode is included. CONFIG_EXTRA_FIRMWARE is the relevant symbol.

Re: [gentoo-user] microcode applied?

2018-01-08 Thread Peter Humphrey
On Monday, 8 January 2018 04:55:58 GMT Max Zettlmeißl wrote: > You can either use an initrd or build the microcode into your kernel > image. I prefer the latter. I'm confused now. How do you build the microcode into the kernel? The only place I can see to do that in menuconfig is under Device

Re: [gentoo-user] microcode applied?

2018-01-08 Thread Max Zettlmeißl
> Since I dont know where look up firmware version numbers i'm in the dark. You can use MC Extractor to extract the metadata associated with the AMD microcode updates. The microcode_amd.bin which is part of sys-kernel/linux-firmware-20180103-r1 contains the following microcode updates: CPUID

Re: [gentoo-user] microcode applied?

2018-01-07 Thread Adam Carter
On Mon, Jan 8, 2018 at 3:55 PM, Max Zettlmeißl wrote: > > The contents of cpuinfo is the same as the messages in dmesg. What does > that > > imply? > > Your BIOS or EFI might already install the same version or a later > version than what the microcode package provides.

Re: [gentoo-user] microcode applied?

2018-01-07 Thread Max Zettlmeißl
> The contents of cpuinfo is the same as the messages in dmesg. What does that > imply? Your BIOS or EFI might already install the same version or a later version than what the microcode package provides. Although the second case is highly unlikely. The update might also just not get applied

Re: [gentoo-user] microcode applied?

2018-01-07 Thread mad.scientist.at.large
There is also a test program to see if the vulnerability is there, i'd definately check that as well, best to check both considering how terrible the but is.  frankly amd and intel will still have software vulnerabilities, particular apps are being patched but if an exploit is developed in the

Re: [gentoo-user] microcode applied?

2018-01-07 Thread Adam Carter
> > The easiest way to check whether the microcode update was applied > correctly would be to check the microcode version in /proc/cpuinfo > The contents of cpuinfo is the same as the messages in dmesg. What does that imply?

Re: [gentoo-user] microcode applied?

2018-01-07 Thread Max Zettlmeißl
> Does the absence of a "microcode updated" message in dmesg imply that the > microcode was not updated? Not necessarily. > Is there a way to turn on debugging? The easiest way to check whether the microcode update was applied correctly would be to check the microcode version in /proc/cpuinfo

[gentoo-user] microcode applied?

2018-01-07 Thread Adam Carter
Does the absence of a "microcode updated" message in dmesg imply that the microcode was not updated? I believe my fam10/barcelona AMD CPU will use amd-ucode/microcode_amd.bin but there's no update message. I've checked the config against another system that works and cant see any errors. Is