>it looks like Dell is not planning […] an updated microcode, for 12th gen >servers
Probably updates for PE gen12 will still come: "The tables [...] lists those products for which there is an available BIOS update. [...] If you do not see your platform, please check later." --- Christian Korneck Lead IT Systems Architect Mackevision Medien Design GmbH Forststraße 7 70174 Stuttgart T +49 711 93 30 48 694 F +49 711 93 30 48 90 M +49 151 19 56 66 44 [email protected] www.mackevision.com<http://www.mackevision.com/?utm_source=E-Mail-Signatur&utm_medium=E-Mail&utm_campaign=Mackevision-Link> Geschäftsführer: Armin Pohl, Joachim Lincke, Jens Pohl HRB 243735 Amtsgericht Stuttgart --- TO CREATE REALITY SHOWREEL: Watch our latest Showreel 2017<http://www.mackevision.com/references/mackevision-showreel-2017/?utm_source=E-Mail-Signatur&utm_medium=E-Mail&utm_campaign=Showreel-2017> ISO 9001: Mackevision is certified according to ISO 9001:2015<http://www.mackevision.com/company/?utm_source=E-Mail-Signatur&utm_medium=E-Mail&utm_campaign=iso-company-link> SOCIAL: LinkedIn<https://www.linkedin.com/company/mackevision>, Xing<https://www.xing.com/companies/mackevision>, Facebook<https://www.facebook.com/mackevision/>, Twitter<https://twitter.com/Mackevision>, Behance<https://www.behance.net/mackevision>, Vimeo<https://vimeo.com/mackevision> From: Linux-PowerEdge [mailto:[email protected]] On Behalf Of Daniele Viganò Sent: Samstag, 6. Januar 2018 16:57 To: Troels Arvin <[email protected]> Cc: [email protected] Subject: Re: [Linux-PowerEdge] microcode_ctl and Spectre/Meltdown As per http://www.dell.com/support/article/it/it/itdhs1/sln308588/microprocessor-side-channel-attacks--cve-2017-5715--cve-2017-5753--cve-2017-5754---impact-on-dell-emc-products--dell-enterprise-servers--storage-and-networking-?lang=en it looks like Dell is not planning any new firmware release, with an updated microcode, for 12th gen servers (which is really bad, we have several of them with an active ProSupport contract...) Cheers, Daniele On Sat, Jan 6, 2018 at 1:12 AM, Troels Arvin <[email protected]<mailto:[email protected]>> wrote: Hello, Red Hat and others have released a bunch of updated software which provides workarounds for the Spectre/Meltdown trouble. I have updated some Poweredge R720s and an HPE ProLiant BL460c Gen9 server. On the Dell servers, the Spectre/Meltdown work-arounds are not enabled after boot, wereas on the HPE server, the workaround is enabled. All serves have the latest available firmware/BIOSes. I check for the workarounds being enabled by checking the value of /sys/kernel/debug/x86/ibrs_enabled and /sys/kernel/debug/x86/ibpb_enabled after boot. On the Dell servers, both have a value of 0, whereas on the HPE server, the value of both is 1. As I see it, my Dell servers are not safe yet, while my HPE server is. Red Hat article https://access.redhat.com/articles/3311301 states that the above mentioned workarounds are enabled at boot time, based upon the architecture detected. So it seems that the microcode_ctl tool does not recognize our PowerEdge R720s as being an architecture where the workarounds are to be enabled. I wonder how this situation is to be fixed? Does Dell have to release updated firmware/BIOS? Does the microcode_ctl package need to have stuff added from Intel or Dell? Or...? -- Regards, Troels Arvin <[email protected]<mailto:[email protected]>> http://troels.arvin.dk/ _______________________________________________ Linux-PowerEdge mailing list [email protected]<mailto:[email protected]> https://lists.us.dell.com/mailman/listinfo/linux-poweredge -- DANIELE VIGANÒ | System Administrator | Skype dennyv85 | +39-0382-5169882 GLOBAL EARTHQUAKE MODEL | working together to assess risk GEM - globalquakemodel.org<http://www.globalquakemodel.org/> | T - @GEMwrld<http://twitter.com/GEMwrld> | F - GEMwrld<http://www.facebook.com/GEMwrld>
_______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge
