Bug#1013285: needrestart: Failed to check for processor microcode upgrades.
On 2023-12-12 15:39:24, Patrick Matthäi wrote: [...] >> It doesn't *quite* fix it just yet. For platforms where the ucode is >> *not* provided (e.g. in my case it's the pcengines APU that don't have >> firmware upgrades), this *still* yields a UNKNOWN warning. After a brief >> discussion in the issue tracker, I decided to submit *another* PR as >> such: >> >> https://github.com/liske/needrestart/pull/290 >> >> ... and I think we should ship this in Debian as well. >> >> I also think we should make a stable update for this. This affects a >> bunch of machines on our end and we need this fixed in bookworm. >> >> So I'll file a bug with the release team and prepare a stable >> update. >> >> Patrick: objections? >> >> A. > > I will upload this patch now with 3.6-7. I am fine with a stable update > and would welcome it if you could do it in this case (I am a bit busy > these weeks) I believe the update proposed in #1056358 fixes this. It's unclear to me why it missed the 12.3 window - maybe I should have just uploaded it already - but alas, this is where we're at now. :( a. -- O gentilshommes, la vie est courte. Si nous vivons, nous vivons pour marcher sur la tête des rois. - William Shakespeare
Bug#1013285: needrestart: Failed to check for processor microcode upgrades.
Hey Am 21.11.2023 um 17:23 schrieb Antoine Beaupré: Control: reopen -1 Control: subscribe -1 On 2023-11-15 15:46:24, Antoine Beaupré wrote: Control: tags -1 +patch On 2023-11-15 14:54:26, Antoine Beaupré wrote: On 2022-06-20 13:54:38, Nick Lewycky wrote: Package: needrestart Version: 3.6-1 Severity: normal `sudo needrestart -w` always prints "Failed to check for processor microcode upgrades." on my AMD Ryzen 9 3900X 12-Core Processor. [...] There's now a PR for this upstream: https://github.com/liske/needrestart/pull/285 People suffering from this issue are encouraged to test this and report back upstream (or here, if you can't upstream). I tested it and it doesn't work. It only *seemed* to work because the author tested with -v, which *does* work around the issue. I found the issue, and sent this PR upstream to fix it: https://github.com/liske/needrestart/pull/288 Patch attached, people are again encouraged to test and report back. I also attach upstream commit v3.6-9-ge85bfe3 which also seem necessary to fix firmware checks on my end... It doesn't *quite* fix it just yet. For platforms where the ucode is *not* provided (e.g. in my case it's the pcengines APU that don't have firmware upgrades), this *still* yields a UNKNOWN warning. After a brief discussion in the issue tracker, I decided to submit *another* PR as such: https://github.com/liske/needrestart/pull/290 ... and I think we should ship this in Debian as well. I also think we should make a stable update for this. This affects a bunch of machines on our end and we need this fixed in bookworm. So I'll file a bug with the release team and prepare a stable update. Patrick: objections? A. I will upload this patch now with 3.6-7. I am fine with a stable update and would welcome it if you could do it in this case (I am a bit busy these weeks) Thanks!
Bug#1013285: needrestart: Failed to check for processor microcode upgrades.
Control: reopen -1 Control: subscribe -1 On 2023-11-15 15:46:24, Antoine Beaupré wrote: > Control: tags -1 +patch > > On 2023-11-15 14:54:26, Antoine Beaupré wrote: >> On 2022-06-20 13:54:38, Nick Lewycky wrote: >>> Package: needrestart >>> Version: 3.6-1 >>> Severity: normal >>> >>> `sudo needrestart -w` always prints "Failed to check for processor >>> microcode upgrades." on my AMD Ryzen 9 3900X 12-Core Processor. >> >> [...] >> >> There's now a PR for this upstream: >> >> https://github.com/liske/needrestart/pull/285 >> >> People suffering from this issue are encouraged to test this and report >> back upstream (or here, if you can't upstream). > > I tested it and it doesn't work. It only *seemed* to work because the > author tested with -v, which *does* work around the issue. > > I found the issue, and sent this PR upstream to fix it: > > https://github.com/liske/needrestart/pull/288 > > Patch attached, people are again encouraged to test and report back. > > I also attach upstream commit v3.6-9-ge85bfe3 which also seem necessary > to fix firmware checks on my end... It doesn't *quite* fix it just yet. For platforms where the ucode is *not* provided (e.g. in my case it's the pcengines APU that don't have firmware upgrades), this *still* yields a UNKNOWN warning. After a brief discussion in the issue tracker, I decided to submit *another* PR as such: https://github.com/liske/needrestart/pull/290 ... and I think we should ship this in Debian as well. I also think we should make a stable update for this. This affects a bunch of machines on our end and we need this fixed in bookworm. So I'll file a bug with the release team and prepare a stable update. Patrick: objections? A. -- All governments are run by liars and nothing they say should be believed. - I. F. Stone
Bug#1013285: needrestart: Failed to check for processor microcode upgrades.
Control: tags -1 +patch
On 2023-11-15 14:54:26, Antoine Beaupré wrote:
> On 2022-06-20 13:54:38, Nick Lewycky wrote:
>> Package: needrestart
>> Version: 3.6-1
>> Severity: normal
>>
>> `sudo needrestart -w` always prints "Failed to check for processor
>> microcode upgrades." on my AMD Ryzen 9 3900X 12-Core Processor.
>
> [...]
>
> There's now a PR for this upstream:
>
> https://github.com/liske/needrestart/pull/285
>
> People suffering from this issue are encouraged to test this and report
> back upstream (or here, if you can't upstream).
I tested it and it doesn't work. It only *seemed* to work because the
author tested with -v, which *does* work around the issue.
I found the issue, and sent this PR upstream to fix it:
https://github.com/liske/needrestart/pull/288
Patch attached, people are again encouraged to test and report back.
I also attach upstream commit v3.6-9-ge85bfe3 which also seem necessary
to fix firmware checks on my end...
a.
--
Advertisers, not governments, are the primary censors of media content
in the United States today.
- C. Edwin Baker
>From b073fb6d9969597173daa8c511a85bae9b03ed37 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=
Date: Wed, 15 Nov 2023 15:20:37 -0500
Subject: [PATCH] fix AMD ucode checking in non-debug mode
It looks like the assignment when the ucode exist was not
done *unless* `debug` (`-v`) was set. Therefore, all AMD microcode
checks were returning UNKNOWN, including in Nagios checks, unless the
`-v` ("verbose", but actually `debug`) was passed.
Closes: #249
---
perl/lib/NeedRestart/uCode/AMD.pm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/perl/lib/NeedRestart/uCode/AMD.pm b/perl/lib/NeedRestart/uCode/AMD.pm
index 638e68d..6daad8f 100644
--- a/perl/lib/NeedRestart/uCode/AMD.pm
+++ b/perl/lib/NeedRestart/uCode/AMD.pm
@@ -185,8 +185,8 @@ sub nr_ucode_check_real {
if ( exists( $_ucodes->{cpuid}->{$cpuid} ) ) {
my $prid = $_ucodes->{cpuid}->{$cpuid};
if ( exists( $_ucodes->{prid}->{$prid} ) ) {
-$vars{AVAIL} = sprintf( "0x%08x", $_ucodes->{prid}->{$prid} ),
- print STDERR "$LOGPREF #$info->{processor} found ucode $vars{AVAIL}\n" if ($debug);
+$vars{AVAIL} = sprintf( "0x%08x", $_ucodes->{prid}->{$prid} );
+print STDERR "$LOGPREF #$info->{processor} found ucode $vars{AVAIL}\n" if ($debug);
}
}
--
2.39.2
>From e85bfe33b595b88cc8052a7815d13612ecc2a841 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stefan=20B=C3=BChler?=
Date: Sun, 28 May 2023 17:42:28 +0200
Subject: [PATCH] [uCode] fix uninitialized value in logging of processor index
This got broken in f8c2609f8d5a0e10bd988497b8ea9815a7bb2fa8.
Before that it would have effectively logged
`$processors{$pid}->{processor}`, but the `processor` entry
is also the key in `%processors`, i.e. equals `$pid`.
---
perl/lib/NeedRestart/uCode.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/perl/lib/NeedRestart/uCode.pm b/perl/lib/NeedRestart/uCode.pm
index 6251339..db81375 100644
--- a/perl/lib/NeedRestart/uCode.pm
+++ b/perl/lib/NeedRestart/uCode.pm
@@ -148,7 +148,7 @@ sub nr_ucode_check {
}
$ui->progress_step;
-my $nstate = compare_ucode_versions( $debug, $processors{processor}, @nvars );
+my $nstate = compare_ucode_versions( $debug, $pid, @nvars );
if ( $nstate > $state ) {
( $state, @vars ) = ( $nstate, @nvars );
}
--
2.39.2
Bug#1013285: needrestart: Failed to check for processor microcode upgrades.
On 2022-06-20 13:54:38, Nick Lewycky wrote: > Package: needrestart > Version: 3.6-1 > Severity: normal > > `sudo needrestart -w` always prints "Failed to check for processor > microcode upgrades." on my AMD Ryzen 9 3900X 12-Core Processor. [...] There's now a PR for this upstream: https://github.com/liske/needrestart/pull/285 People suffering from this issue are encouraged to test this and report back upstream (or here, if you can't upstream). I've also bumped the severity of this bug. For us it leads to alert fatigue and creates security and reliability issues. a. -- Je viens d'un pays où engagé veut dire que tu t'es trouvé une job. - Patrice Desbiens
Bug#1013285: needrestart: Failed to check for processor microcode upgrades.
Package: needrestart Version: 3.6-1 Severity: normal `sudo needrestart -w` always prints "Failed to check for processor microcode upgrades." on my AMD Ryzen 9 3900X 12-Core Processor. I also don't have 'cpuid' in /dev/cpu/##/, but fixing that doesn't help. $ ls -l /dev/cpu/0/ total 0 crw---. 1 root root 202, 0 Jun 20 02:29 msr $ lsmod | grep -i cpuid $ sudo modprobe cpuid [sudo] password for nicholas: $ lsmod | grep -i cpuid cpuid 16384 0 $ ls -l /dev/cpu/0/ total 0 crw---. 1 root root 203, 0 Jun 20 13:48 cpuid crw---. 1 root root 202, 0 Jun 20 02:29 msr $ sudo /usr/sbin/needrestart -w Scanning processor microcode... Failed to check for processor microcode upgrades. The first core's worth of cpuinfo looks like this: processor : 0 vendor_id : AuthenticAMD cpu family : 23 model : 113 model name : AMD Ryzen 9 3900X 12-Core Processor stepping: 0 microcode : 0x8701021 cpu MHz : 2200.000 cache size : 512 KB physical id : 0 siblings: 24 core id : 0 cpu cores : 12 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 16 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es bugs: sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass bogomips: 7586.41 TLB size: 3072 4K pages clflush size: 64 cache_alignment : 64 address sizes : 43 bits physical, 48 bits virtual power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14] The log from needrestart -w -v shows a failure "Use of uninitialized value $processor in concatenation (.) or string at /usr/share/perl5/NeedRestart/uCode.pm line 61.", but I think that's only an error in a logging statement after it's already failed: $ sudo /usr/sbin/needrestart -w -v [main] eval /etc/needrestart/needrestart.conf [main] needrestart v3.6 [main] running in root mode [Core] Using UI 'NeedRestart::UI::stdio'... [main] systemd detected [ucode] using NeedRestart::uCode::AMD [ucode] using NeedRestart::uCode::Intel [uCode/AMD] #0 Failed to open /dev/cpu/0/cpuid (Missed `modprobe cpuid`?): No such file or directory [uCode/AMD] #0 cpuid 0x00870f10 (/proc/cpuinfo) [uCode/AMD] #0 running ucode 0x08701021 [uCode/AMD] cpuid 0x00100f80: found processor id 0x1080 [uCode/AMD] cpuid 0x00100f81: found processor id 0x1081 [uCode/AMD] cpuid 0x00100f62: found processor id 0x1062 [uCode/AMD] cpuid 0x00100f23: found processor id 0x1022 [uCode/AMD] cpuid 0x00100f43: found processor id 0x1043 [uCode/AMD] cpuid 0x00100f91: found processor id 0x1081 [uCode/AMD] cpuid 0x00100f2a: found processor id 0x1020 [uCode/AMD] cpuid 0x00100f63: found processor id 0x1043 [uCode/AMD] cpuid 0x00100f42: found processor id 0x1041 [uCode/AMD] cpuid 0x00300f10: found processor id 0x3010 [uCode/AMD] cpuid 0x00200f31: found processor id 0x2031 [uCode/AMD] cpuid 0x00100f52: found processor id 0x1041 [uCode/AMD] cpuid 0x00100fa0: found processor id 0x10a0 [uCode/AMD] cpuid 0x00100f53: found processor id 0x1043 [uCode/AMD] cpuid 0x00100f22: found processor id 0x1022 [uCode/AMD] cpuid 0x00500f10: found processor id 0x5010 [uCode/AMD] cpuid 0x00500f20: found processor id 0x5020 [uCode/AMD] processor id 0x1022: available ucode 0x0183 [uCode/AMD] processor id 0x1020: available ucode 0x0184 [uCode/AMD] processor id 0x1062: available ucode 0x01c7 [uCode/AMD] processor id 0x1043: available ucode 0x01c8 [uCode/AMD] processor id 0x1081: available ucode 0x01d9 [uCode/AMD] processor id 0x1080: available ucode 0x01da [uCode/AMD] processor id 0x1041: available ucode 0x01db [uCode/AMD] processor id 0x10a0: available ucode 0x01dc [uCode/AMD] processor id 0x2031: available ucode 0x0232 [uCode/AMD] processor id 0x3010: available ucode 0x0327
