On Sunday, January 14, 2018 at 12:20:48 PM UTC-5, Vít Šesták wrote: > As far as I understand it, microcode update cannot fix it. It just brings > some new instructions that can be used for Spectre fix. (But they don't help > on their own.) > > You can try to update your BIOS if it is well supported by your vendor. Mine > is. > > Alternatively, you can try to update microcode via Xen. (In fact, the new > microcode is loaded on every boot, because CPU has no persistent storage for > that. It should be loaded in early stage of boot.*) Xen has some > documentation, it would be probably enough to use some Linux package and add > something like “ucode=scan” to Xen parameters: > https://wiki.xenproject.org/wiki/XenParavirtOps/microcode_update > > Regards, > Vít Šesták 'v6ak' > > *) Some μcode updates can be loaded even runtime, but this is not so general > and I don't recommend it. As far as I understand, the result of runtime > patching might vary on what instructions have been used before the attempt to > patch it, so you could end up with some race condition.
do you mean you need bios microcode update AND software fixes together to prevent these attacks? Also did you notice the "20% increase in cpu utilization" they are talking about? Because I feel I have had a dramatic increase in performance. I'm becoming skeptical about some of the information out there. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to email@example.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/01aaec7e-9e3c-4a18-b563-1c0b2044df21%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.