On Tue, April 24, 2018 11:31 pm, Nico Huber wrote: > On 25.04.2018 00:18, [email protected] wrote:
>> I can't believe everyone else is so nonchalant about all this >> considering how important it is I still haven't figured out how to update >> the microcode on any of my computers - no guides I have found actually >> work and no distros have the new microcode for intel or amd despite it >> having been months. I'm not nonchalant, but I'm not entirely sure what to do with those patch files and was hoping to see a new amd microcode 15h bin with them incorporated. > I can't believe everybody is so nonchalant about Rowhammer but many > people make a big thing out of the comparatively tiny Spectre problem. > >> >> For the best security one should have both the new microcode and the >> lfence msr? > > Not for the best but for any security, you have to understand first that > both options only change something if your software is prepared to uti- > lize them. First update your software, then check what it needs / what the > developers expect (the new microcode I'd guess). If I remember the earlier discussion right on that lfence msr, the OS can also set it so although it would be nice if coreboot did as well, it's not required? -- coreboot mailing list: [email protected] https://mail.coreboot.org/mailman/listinfo/coreboot
