Bug 1753544
| Summary: | [rhel-8.2.0] Update Intel microcode version to microcode-20190918 | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Eugene Syromiatnikov <esyr> | |
| Component: | microcode_ctl | Assignee: | Eugene Syromiatnikov <esyr> | |
| Status: | CLOSED ERRATA | QA Contact: | Jeff Bastian <jbastian> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | high | |||
| Version: | 8.1 | CC: | mthacker, skozina, toneata | |
| Target Milestone: | rc | Keywords: | ZStream | |
| Target Release: | 8.2 | |||
| Hardware: | x86_64 | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | microcode_ctl-20190918-1.el8 | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1758538 1760832 (view as bug list) | Environment: | ||
| Last Closed: | 2020-04-28 16:06:20 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1710951, 1758538, 1760832 | |||
|
Description
Eugene Syromiatnikov
2019-09-19 09:16:15 UTC
microcode-20190918 release includes the following microcode updates: Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New BDW-U/Y E0/F0 6-3d-4/c0 0000002d->0000002e Core Gen5 HSX-EX E0 6-3f-4/80 00000014->00000016 Xeon E7 v3 BDW-H/E3 E0/G0 6-47-1/22 00000020->00000021 Core Gen5 BDX-ML B0/M0/R0 6-4f-1/ef 0b000036->0b000038 Xeon E5/E7 v4; Core i7-69xx/68xx BDX-DE V1 6-56-2/10 0000001a->0000001c Xeon D-1520/40 BDX-DE V2/3 6-56-3/10 07000017->07000019 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 BDX-DE Y0 6-56-4/10 0f000015->0f000017 Xeon D-1557/59/67/71/77/81/87 BDX-NS A0 6-56-5/10 0e00000d->0e00000f Xeon D-1513N/23/33/43/53 SKX-SP H0/M0/U0 6-55-4/b7 0200005e->00000064 Xeon Scalable SKX-D M1 6-55-4/b7 0200005e->00000064 Xeon D-21xx CLX-SP B1 6-55-7/bf 05000021->0500002b Xeon Scalable Gen2 Verified with microcode_ctl-20190918-2.el8 on 3 different Intel CPU models. https://beaker.engineering.redhat.com/jobs/3835629 Note: minor bug 1760508 was found while testing Sandy Bridge-EP, but it does not block this update ::::::::::::::::::::: :: Sandy Bridge-EP :: ::::::::::::::::::::: [root@dell-prt5600-01 ~]# rpm -q microcode_ctl microcode_ctl-20190918-2.el8.x86_64 [root@dell-prt5600-01 ~]# ls -l /etc/microcode_ctl/ucode_with_caveats/ total 0 -rwxr-xr-x. 1 root root 0 Oct 10 10:55 force-intel-06-2d-07 [root@dell-prt5600-01 ~]# lscpu | egrep -i -e family -e model -e stepping CPU family: 6 Model: 45 Model name: Intel(R) Xeon(R) CPU E5-2667 0 @ 2.90GHz Stepping: 7 [root@dell-prt5600-01 ~]# uname -r 4.18.0-147.4.el8.x86_64 [root@dell-prt5600-01 ~]# cat /sys/devices/system/cpu/cpu0/microcode/version 0x718 [root@dell-prt5600-01 ~]# journalctl -b0 -o short-monotonic --no-hostname | grep -i microcode | grep -v -e dracut -e restraintd -e dnf [ 0.000000] kernel: microcode: microcode updated early to revision 0x718, date = 2019-05-21 [ 3.576162] kernel: microcode: sig=0x206d7, pf=0x1, revision=0x718 [ 3.582659] kernel: microcode: Microcode Update Driver: v2.2. [ 21.251783] kernel: [drm] Loading CEDAR Microcode [ 40.200296] systemd[1]: Starting Load CPU microcode update... [ 41.999394] systemd[1]: Started Load CPU microcode update. [root@dell-prt5600-01 ~]# cd /sys/devices/system/cpu/vulnerabilities [root@dell-prt5600-01 vulnerabilities]# grep . * | sed 's/:/^/' | column -t -s^ l1tf Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable mds Mitigation: Clear CPU buffers; SMT vulnerable meltdown Mitigation: PTI spec_store_bypass Mitigation: Speculative Store Bypass disabled via prctl and seccomp spectre_v1 Mitigation: usercopy/swapgs barriers and __user pointer sanitization spectre_v2 Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling :::::::::::::::::: :: Broadwell-EP :: :::::::::::::::::: [root@intel-wildcatpass-02 ~]# rpm -q microcode_ctl microcode_ctl-20190918-2.el8.x86_64 [root@intel-wildcatpass-02 ~]# lscpu | egrep -i -e family -e model -e stepping CPU family: 6 Model: 79 Model name: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz Stepping: 1 [root@intel-wildcatpass-02 ~]# uname -r 4.18.0-147.4.el8.x86_64 [root@intel-wildcatpass-02 ~]# cat /sys/devices/system/cpu/cpu0/microcode/version 0xb000038 [root@intel-wildcatpass-02 ~]# journalctl -b0 -o short-monotonic --no-hostname | grep -i microcode | grep -v -e dracut -e restraintd -e dnf [ 0.000000] kernel: microcode: microcode updated early to revision 0xb000038, date = 2019-06-18 [ 3.587315] kernel: microcode: sig=0x406f1, pf=0x1, revision=0xb000038 [ 3.597670] kernel: microcode: Microcode Update Driver: v2.2. [ 9.785339] systemd[1]: Starting Load CPU microcode update... [ 9.842720] systemd[1]: Started Load CPU microcode update. [root@intel-wildcatpass-02 ~]# cd /sys/devices/system/cpu/vulnerabilities [root@intel-wildcatpass-02 vulnerabilities]# grep . * | sed 's/:/^/' | column -t -s^ l1tf Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable mds Mitigation: Clear CPU buffers; SMT vulnerable meltdown Mitigation: PTI spec_store_bypass Mitigation: Speculative Store Bypass disabled via prctl and seccomp spectre_v1 Mitigation: usercopy/swapgs barriers and __user pointer sanitization spectre_v2 Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling ::::::::::::::: :: Skylake-X :: ::::::::::::::: [root@dell-per740-03 ~]# rpm -q microcode_ctl microcode_ctl-20190918-2.el8.x86_64 [root@dell-per740-03 ~]# lscpu | egrep -i -e family -e model -e stepping CPU family: 6 Model: 85 Model name: Intel(R) Xeon(R) Gold 5118 CPU @ 2.30GHz Stepping: 4 [root@dell-per740-03 ~]# uname -r 4.18.0-147.4.el8.x86_64 [root@dell-per740-03 ~]# cat /sys/devices/system/cpu/cpu0/microcode/version 0x2000064 [root@dell-per740-03 ~]# journalctl -b0 -o short-monotonic --no-hostname | grep -i microcode | grep -v -e dracut -e restraintd -e dnf [ 0.000000] kernel: microcode: microcode updated early to revision 0x2000064, date = 2019-07-31 [ 3.573148] kernel: microcode: sig=0x50654, pf=0x80, revision=0x2000064 [ 3.579609] kernel: microcode: Microcode Update Driver: v2.2. [ 11.811731] systemd[1]: Starting Load CPU microcode update... [ 11.855131] systemd[1]: Started Load CPU microcode update. [root@dell-per740-03 ~]# cd /sys/devices/system/cpu/vulnerabilities [root@dell-per740-03 vulnerabilities]# grep . * | sed 's/:/^/' | column -t -s^ l1tf Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable mds Mitigation: Clear CPU buffers; SMT vulnerable meltdown Mitigation: PTI spec_store_bypass Mitigation: Speculative Store Bypass disabled via prctl and seccomp spectre_v1 Mitigation: usercopy/swapgs barriers and __user pointer sanitization spectre_v2 Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling (In reply to Jeff Bastian from comment #8) > :::::::::::::::::: > :: Broadwell-EP :: > :::::::::::::::::: > > [root@intel-wildcatpass-02 ~]# rpm -q microcode_ctl > microcode_ctl-20190918-2.el8.x86_64 I forgot to mention this CPU require a caveats "force" file too: [root@intel-wildcatpass-02 ~]# ls -l /etc/microcode_ctl/ucode_with_caveats/ total 0 -rwxr-xr-x. 1 root root 0 Oct 10 10:56 force-intel-06-4f-01 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2020:1761 |