[CentOS] /lib/firmware/microcode.dat update on CentOS 6

Thu Jan 18 16:01:18 UTC 2018
Pete Geenhuizen <pete at geenhuizen.net>

On 01/18/18 09:01, Johnny Hughes wrote:
> On 01/18/2018 07:51 AM, Phelps, Matthew wrote:
>> On Thu, Jan 18, 2018 at 5:03 AM, Johnny Hughes <johnny at centos.org> wrote:
>> So, if we applied the previous microcode update, and all our machines
>> rebooted OK, then we don't need to fallback?
>> Also, do we know if the updated CentOS microcode RPM reverted the microcode
>> for *all* Intel CPUs, or just the ones that had issues? In other words, if
>> I apply the latest microcode update to our 100+ machines (which all have
>> the previous update, and are OK) will they revert to a vulnerable state?
> It reverted for all .. but, your machines may or may not be protected as
> only a subset of machines were updated with the original microcode from
> Intel.
> It is your call as to what you install .. but the correct method is to
> install the current microcode_ctl .. and then research your specific
> machine, its CPU, chipset, firmware .. go to the vendor and make sure
> you get all the things necessary to mitigate the issues.  It will be
> different for each CPU vendor (Intel or AMD), each CPU / Chipset combo,
> and even each vendor (Dell may have new firmware for x and y but not z
> models, etc.)
> There is no one size fits all update for this issue.
OK, so color me confused about the timing in all this.

Do we update the microcode now or do we wait until the latest 
microcode_ctl rpm is available and then tackle this issue?

Unencumbered by the thought process.
  -- Click and Clack the Tappet brothers

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.