Bug 1758572
| Summary: | [rhel-7.7.z] Update Intel microcode version to microcode-20190918 | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | RAD team bot copy to z-stream <autobot-eus-copy> |
| Component: | microcode_ctl | Assignee: | Eugene Syromiatnikov <esyr> |
| Status: | CLOSED ERRATA | QA Contact: | Jeff Bastian <jbastian> |
| Severity: | medium | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.7 | CC: | esyr, mthacker, skozina |
| Target Milestone: | rc | Keywords: | ZStream |
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | microcode_ctl-2.1-53.1.el7_7 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 1753541 | Environment: | |
| Last Closed: | 2019-10-16 09:04:34 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1753541 | ||
| Bug Blocks: | |||
|
Description
RAD team bot copy to z-stream
2019-10-04 14:17:23 UTC
Verified with microcode_ctl-2.1-53.2.el7_7 First do a comparison with rpmdiff against the RHEL-7.8 version (see bug 1753541 for test results) and verify the contents are the same (excluding timestamp and documentation differences): $ rpmdiff microcode_ctl-2.1-53.2.el7_7.x86_64.rpm microcode_ctl-2.1-55.el7.x86_64.rpm | grep -v -F -e '..........T' -e '/usr/share/man' removed PROVIDES microcode_ctl(x86-64) = 2:2.1-53.2.el7_7 added PROVIDES microcode_ctl(x86-64) = 2:2.1-55.el7 Next run a sanity check on a system: https://beaker.engineering.redhat.com/recipes/7451749#tasks [root@hpe-dl120gen10-01 ~]# rpm -q microcode_ctl microcode_ctl-2.1-53.2.el7_7.x86_64 [root@hpe-dl120gen10-01 ~]# lscpu | egrep -i -e family -e model -e stepping CPU family: 6 Model: 85 Model name: Intel(R) Xeon(R) Gold 6152 CPU @ 2.10GHz Stepping: 4 [root@hpe-dl120gen10-01 ~]# uname -r 3.10.0-1062.1.2.el7.x86_64 [root@hpe-dl120gen10-01 ~]# cat /sys/devices/system/cpu/cpu0/microcode/version 0x2000064 [root@hpe-dl120gen10-01 ~]# journalctl -b0 -o short-monotonic | sed "s/$(hostname) //" | grep -i microcode | grep -v dracut [ 0.000000] kernel: microcode: microcode updated early to revision 0x2000064, date = 2019-07-31 [ 3.957368] kernel: microcode: sig=0x50654, pf=0x80, revision=0x2000064 [ 3.963563] kernel: microcode: Microcode Update Driver: v2.01 <tigran.co.uk>, Peter Oruba [ 11.833915] systemd[1]: Starting Load CPU microcode update... [ 12.455277] systemd[1]: Started Load CPU microcode update. [root@hpe-dl120gen10-01 ~]# cd /sys/devices/system/cpu/vulnerabilities [root@hpe-dl120gen10-01 vulnerabilities]# grep . * | sed 's/:/^/' | column -t -s^ l1tf Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable mds Mitigation: Clear CPU buffers; SMT vulnerable meltdown Mitigation: PTI spec_store_bypass Mitigation: Speculative Store Bypass disabled via prctl and seccomp spectre_v1 Mitigation: Load fences, usercopy/swapgs barriers and __user pointer sanitization spectre_v2 Mitigation: Full retpoline, IBPB Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2019:3091 |