Feature #14484
closed
Update Intel microcode to 20220207
100%
Description
Subject mostly says it all.
An initial run of update.intel suggests that we may have another microcode-size problem akin to #13891 :
-rw-r--r-- 1 danmcd staff 291840 Feb 8 16:12 /export/home/danmcd/ws/Intel-Linux-Processor-Microcode-Data-Files/intel-ucode/06-6a-06
Related issues
Updated by Dan McDonald 6 months ago
- Blocked by Bug #14490: ucodeadm cannot handle latest Intel microcode (again) added
Updated by Dan McDonald 6 months ago
From the Intel firmware github's latest update ( https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files )
Security updates for [INTEL-SA-00528](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html)
Security updates for [INTEL-SA-00532](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html)
The first addresses use of Running Average Power Levels (RAPL) MSR to extract keys from other processes. We allow use of this MSR to BHYVE guests only, currently.
The second one involves a corner-case of control flow management being able to deny service.
Updated by Dan McDonald 6 months ago
Tested on:
- Skylake-E (Xeon Silver 4110)
- Haswell-E (Xeon E5 v3)
- Broadwell-E (Xeon E5 v4)
- Xeon D-1541
- Rocket Lake (Xeon E-2388G)
- Xeon Gold 6140
Updated by Electric Monk 6 months ago
- Status changed from New to Closed
- % Done changed from 0 to 100
git commit 74e98f497ae878ae481ccba1f91fd8dc26fa6627
commit 74e98f497ae878ae481ccba1f91fd8dc26fa6627
Author: Dan McDonald <danmcd@joyent.com>
Date: 2022-02-21T20:05:38.000Z
14484 Update Intel microcode to 20220207
Reviewed by: Andy Fiddaman <omnios@citrus-it.co.uk>
Reviewed by: Toomas Soome <tsoome@me.com>
Reviewed by: Jorge Schrauwen <sjorge@blackdot.be>
Approved by: Robert Mustacchi <rm@fingolfin.org>