Created attachment 1456992 [details] Spectre Meltdown Checker Description of problem: Continuation from https://bugzilla.redhat.com/show_bug.cgi?id=1501362 On latest Fedora Atomic Workstation, initramfs regeneration enabled, microcode_ctl installed, rpm-ostree upgrade all applied and rebooted, dracut -fv applied the microcode just gets never upgraded. $ cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 78 model name : Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz stepping : 3 microcode : 0x33 cpu MHz : 800.022 cache size : 3072 KB physical id : 0 siblings : 4 core id : 0 cpu cores : 2 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 22 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf tsc_known_freq pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass bogomips : 4800.00 clflush size : 64 cache_alignment : 64 address sizes : 39 bits physical, 48 bits virtual power management: Version-Release number of selected component (if applicable): microcode_ctl-2.1-23 How reproducible: I suspect it's not just bound to the Atomic Workstation but the regular one as well, however I'll list the steps I did Steps to Reproduce: 1. rpm-ostree install microcode_ctl 2. rpm-ostree upgrade 3. systemctl reboot 4. dracut -fv 5. systemctl reboot 6. cat /proc/cpuinfo = Microcode not updated (in my case 0x33). 7. rpm-ostree initramfs --enable 8. dracut -fv 9. systemctl reboot 10. cat /proc/cpuinfo = Microcode not updated, vulnerable to spectre/meltdown. Actual results: Microcode as supplied by BIOS-Vendor (sadly no BIOS-Update existing) Expected results: Correctly updated Microcode Additional info: See attachment sh-script for checking the vulernabilities
microcode_ctl-2.1-24.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-2005870f6f
microcode_ctl-2.1-24.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-2005870f6f
microcode_ctl-2.1-24.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.