A quick follow-up: microcode package release 20171117 did not include mitigation to Meltdown, but 20180108 ( https://downloadcenter.intel.com/download/27431/Linux-Processor-Microcode-Data-File?v=t) does. By the way it seems it could cause random reboots on Broadwell and Haswell CPUs (see https://newsroom.intel.com/news/intel-security-issue-update-addressing-reboot-issues/ ).
I think that, having such CPU models, is more safe to update the firmware via microcode_ctl (and thus the OS) before flashing a new BIOS with the new microcode update in it; this should make possible to test the new microcode and easily revert to the previous version in case of issues without the need to perform a firmware downgrade, at least until the situation becomes more clear. Cheers, Daniele On Sat, Jan 6, 2018 at 5:23 PM, Daniele Viganò < [email protected]> wrote: > A temporary solution could be manually updating the content of > /lib/firmware/intel-ucode/, getting the ucode bins directly from the Intel > website: https://downloadcenter.intel.com/download/27337/Linux- > Processor-Microcode-Data-File?product=873 > > intel-ucode dirctory contains binary microcode files named in >> family-model-stepping pattern. The file is supported in most modern Linux >> distributions. It's generally located in the /lib/firmware directory, >> and can be updated throught the microcode reload interface. >> >> To update the intel-ucode package to the system, one need: >> 1. Ensure the existence of /sys/devices/system/cpu/microcode/reload >> 2. Copy intel-ucode directory to /lib/firmware, overwrite the files in >> /lib/firmware/intel-ucode/ >> 3. Write the reload interface to 1 to reload the microcode files, e.g. >> echo 1 > /sys/devices/system/cpu/microcode/reload >> > > This should contains _all_ latest available microcodes, including pieces > not shipped by microcode_ctl-2.1-22.2 (and in fact the Intel package has > more bin files in it). Not sure if this is enough. > > Cheers, > Daniele > > -- > *DANIELE VIGANÒ* | System Administrator | *Skype* dennyv85 | *+39-0382-5169882 > <+39%200382%20516%209882>* > *GLOBAL EARTHQUAKE MODEL *| working together to assess risk > *GEM -* globalquakemodel.org <http://www.globalquakemodel.org/> | *T -* > @GEMwrld <http://twitter.com/GEMwrld> | *F -* GEMwrld > <http://www.facebook.com/GEMwrld> > -- *DANIELE VIGANÒ* | System Administrator | *Skype* dennyv85 | *+39-0382-5169882* *GLOBAL EARTHQUAKE MODEL *| working together to assess risk *GEM -* globalquakemodel.org <http://www.globalquakemodel.org/> | *T -* @GEMwrld <http://twitter.com/GEMwrld> | *F -* GEMwrld <http://www.facebook.com/GEMwrld>
_______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge
