it is working thx a lot... but it has included the GenuineIntel.bin only in actually used kernel... do I need to reinstall microcode_ctl every time I update the kernel? And second question, I quess I still need the ucode = scan as xen parameter right? Am 2018-09-19 20:08, schrieb Kevin Stange: > On 9/19/18 1:55 AM, Christoph wrote: >> >> Hi >> >> can someone say me how to update the µcode of the cpu with xen? >> >> I have added the ucode=scan parameter to xen but it does not seem to >> work... >> >> the µcode version of my xeon is really old :/ >> >> model name : Intel(R) Xeon(R) CPU E3-1271 v3 @ 3.60GHz >> microcode : 0x10 >> > > There is a "caveat" in the current version of microcode_ctl which means > it doesn't automatically install the microcode into the initramfs if > the > kernel isn't "known good" because of various issues with Linux kernel > patches being needed for certain microcode features. There is a quick > way to get it to force the microcode into the initramfs of any kernel: > > mkdir -p /etc/microcode_ctl/ucode_with_caveats/ > touch /etc/microcode_ctl/ucode_with_caveats/force > > This only works with the most recent version of microcode_ctl > (2.1-29.16.el7_5.x86_64). If you do this, you can then run 'yum > reinstall microcode_ctl' and you should get the microcode in the > initramfs after it finishes. Note that this will cause it to trust ALL > kernels and all microcode versions which might not always be a good > thing. See this file for info: > > /usr/share/doc/microcode_ctl/README.caveats > > You can test that the initramfs has the microcode by running cpio: > > cpio -t < /boot/initramfs-4.9.112-32.el7.x86_64.img > > If there is a GenuineIntel.bin you should be good. If you get spammed > with errors, then it isn't included. -- ------ Greetz