Bug 1760832

Summary: [rhel-8.1.0.z] Update Intel microcode version to microcode-20190918
Product: Red Hat Enterprise Linux 8 Reporter: Oneata Mircea Teodor <toneata>
Component: microcode_ctlAssignee: Eugene Syromiatnikov <esyr>
Status: CLOSED ERRATA QA Contact: Jeff Bastian <jbastian>
Severity: medium Docs Contact:
Priority: high    
Version: 8.1CC: esyr, jbastian, mthacker, skozina, toneata
Target Milestone: rcKeywords: ZStream
Target Release: 8.2Flags: pm-rhel: mirror+
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: microcode_ctl-20190618-1.20190918.2.el8_1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1753544 Environment:
Last Closed: 2019-11-05 22:38:17 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1753544    
Bug Blocks: 1758538    

Comment 7 Jeff Bastian 2019-10-14 21:47:01 UTC 
Verified with microcode_ctl-20190618-1.20190918.2.el8_1

First an rpmdiff comparison with the RHEL-8.2.0 package (bug 1753544).  The contents are the same (ignoring timestamps); only the rpm metadata is different:

$ rpmdiff microcode_ctl-20190618-1.20190918.2.el8_1.x86_64.rpm \
          microcode_ctl-20190918-2.el8.x86_64.rpm |
    grep -v -F '..........T'
removed     REQUIRES config(microcode_ctl) = 4:20190618-1.20190918.2.el8_1
added       REQUIRES config(microcode_ctl) = 4:20190918-2.el8
removed     PROVIDES config(microcode_ctl) = 4:20190618-1.20190918.2.el8_1
removed     PROVIDES microcode_ctl(x86-64) = 4:20190618-1.20190918.2.el8_1
added       PROVIDES config(microcode_ctl) = 4:20190918-2.el8
added       PROVIDES microcode_ctl(x86-64) = 4:20190918-2.el8

Next a sanity check on a Broadwell-EP system:

[root@smicro-ss1018-02 ~]# rpm -q microcode_ctl
microcode_ctl-20190618-1.20190918.2.el8_1.x86_64

[root@smicro-ss1018-02 ~]# ls -l /etc/microcode_ctl/ucode_with_caveats/
total 0
-rwxr-xr-x. 1 root root 0 Oct 14 17:23 force-intel-06-4f-01

[root@smicro-ss1018-02 ~]# uname -r
4.18.0-147.el8.x86_64

[root@smicro-ss1018-02 ~]# cat /sys/devices/system/cpu/cpu0/microcode/version
0xb000038

[root@smicro-ss1018-02 ~]# journalctl -b0 -o short-monotonic --no-hostname |
                             grep -i microcode |
                             grep -v -e dracut -e restraintd -e dnf
[    0.000000] kernel: microcode: microcode updated early to revision 0xb000038, date = 2019-06-18
[    2.514486] kernel: microcode: sig=0x406f1, pf=0x1, revision=0xb000038
[    2.520352] kernel: microcode: Microcode Update Driver: v2.2.
[  141.849526] systemd[1]: Starting Load CPU microcode update...
[  142.668654] systemd[1]: Started Load CPU microcode update.

[root@smicro-ss1018-02 ~]# cd /sys/devices/system/cpu/vulnerabilities && \
    grep . * | sed 's/:/^/' | column -t -s^
l1tf               Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable
mds                Mitigation: Clear CPU buffers; SMT vulnerable
meltdown           Mitigation: PTI
spec_store_bypass  Mitigation: Speculative Store Bypass disabled via prctl and seccomp
spectre_v1         Mitigation: usercopy/swapgs barriers and __user pointer sanitization
spectre_v2         Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling
Comment 9 errata-xmlrpc 2019-11-05 22:38:17 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2019:3690