HI Troels, This comment is from a Chris Robinson (redhat guru) on there Kernel Side-Channel Attack web page
Subscribers are advised to contact their hardware OEM to receive the appropriate microcode/firmware for their processor. Given the tight timeframe that incident was released, Red Hat was not provided a complete set of microcode to cover all affected CPUs. We will be providing both microcode_ctl and linux_firmware that covers the limited subset of chipsets we were able to test, but this will NOT address many CPUs that you may have in use in your server fleet. Again, contacting your hardware vendor will ensure you have the appropriate software to enable the protections for Variant 2 of this issue. Larry Lorenzen Linux System Administrator [email protected] Office (773)-553-3634 Cell (847)-708-1132 On Fri, Jan 5, 2018 at 6:12 PM, Troels Arvin <[email protected]> wrote: > Hello, > > Red Hat and others have released a bunch of updated software which > provides workarounds for the Spectre/Meltdown trouble. I have updated some > Poweredge R720s and an HPE ProLiant BL460c Gen9 server. On the Dell > servers, the Spectre/Meltdown work-arounds are not enabled after boot, > wereas on the HPE server, the workaround is enabled. All serves have the > latest available firmware/BIOSes. > > I check for the workarounds being enabled by checking the value of > /sys/kernel/debug/x86/ibrs_enabled and /sys/kernel/debug/x86/ibpb_enabled > after boot. On the Dell servers, both have a value of 0, whereas on the HPE > server, the value of both is 1. As I see it, my Dell servers are not safe > yet, while my HPE server is. > > Red Hat article https://access.redhat.com/articles/3311301 states that > the above mentioned workarounds are enabled at boot time, based upon the > architecture detected. So it seems that the microcode_ctl tool does not > recognize our PowerEdge R720s as being an architecture where the > workarounds are to be enabled. > > I wonder how this situation is to be fixed? Does Dell have to release > updated firmware/BIOS? Does the microcode_ctl package need to have stuff > added from Intel or Dell? Or...? > > -- > Regards, > Troels Arvin <[email protected]> > http://troels.arvin.dk/ > > _______________________________________________ > Linux-PowerEdge mailing list > [email protected] > https://lists.us.dell.com/mailman/listinfo/linux-poweredge >
_______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge
