[Bug 1756633] Re: Backport request, 16.04 LTS (w/ Spectre/Meltdown fixups)
Jason Mills
virtualjmills at gmail.com
Wed Mar 28 01:27:01 UTC 2018
@sdeziel -- I have tested on an Ivy Bridge era (i5-3427U) and Apollo
Lake era (N3350) system thus far. The former is covered by the Intel
20180312 release, the latter is not. If time permits I'll also test on a
Skylake system.
Everything seems to be working properly w/r2 updated microcode query and
load during early InitRAMfs phase.
Install media was Ubuntu 16.04.2 LTS Server x86_64, patched to current but with both old and new kernels available. I did have to pull the .deb packages in manually, the PPA you referenced is no longer accepted automagically -- signing key cannot be found.
Details for the tests I performed on the Ivy Bridge system follow:
admin at ubuntu-1604-microcode-test:~$ dmesg | grep -i microcode
[ 2.297820] microcode: CPU0 sig=0x306a9, pf=0x10, revision=0x1b
[ 2.297849] microcode: CPU1 sig=0x306a9, pf=0x10, revision=0x1b
[ 2.297854] microcode: CPU2 sig=0x306a9, pf=0x10, revision=0x1b
[ 2.297872] microcode: CPU3 sig=0x306a9, pf=0x10, revision=0x1b
[ 2.297946] microcode: Microcode Update Driver: v2.01 <tigran at aivazian.fsnet.co.uk>, Peter Oruba
admin at ubuntu-1604-microcode-test:~$ dpkg -l | grep -E -- '(linux-|intel-microcode|iucode)'
ii intel-microcode 3.20180312.0~ubuntu16.04.1 amd64 Processor microcode firmware for Intel CPUs
ii iucode-tool 2.1.2-2 amd64 Intel processor microcode tool
ii linux-base 4.0ubuntu1 all Linux image base package
ii linux-firmware 1.157.17 all Firmware for Linux kernel drivers
ii linux-headers-4.4.0-116 4.4.0-116.140 all Header files related to Linux kernel version 4.4.0
ii linux-headers-4.4.0-116-generic 4.4.0-116.140 amd64 Linux kernel headers for version 4.4.0 on 64 bit x86 SMP
ii linux-headers-4.4.0-62 4.4.0-62.83 all Header files related to Linux kernel version 4.4.0
ii linux-headers-4.4.0-62-generic 4.4.0-62.83 amd64 Linux kernel headers for version 4.4.0 on 64 bit x86 SMP
ii linux-headers-generic 4.4.0.116.122 amd64 Generic Linux kernel headers
ii linux-image-4.4.0-116-generic 4.4.0-116.140 amd64 Linux kernel image for version 4.4.0 on 64 bit x86 SMP
ii linux-image-4.4.0-62-generic 4.4.0-62.83 amd64 Linux kernel image for version 4.4.0 on 64 bit x86 SMP
ii linux-image-extra-4.4.0-116-generic 4.4.0-116.140 amd64 Linux kernel extra modules for version 4.4.0 on 64 bit x86 SMP
ii linux-image-extra-4.4.0-62-generic 4.4.0-62.83 amd64 Linux kernel extra modules for version 4.4.0 on 64 bit x86 SMP
ii linux-signed-generic 4.4.0.116.122 amd64 Complete Signed Generic Linux kernel and headers
ii linux-signed-image-4.4.0-116-generic 4.4.0-116.140 amd64 Signed kernel image generic
ii linux-signed-image-4.4.0-62-generic 4.4.0-62.83 amd64 Signed kernel image generic
ii linux-signed-image-generic 4.4.0.116.122 amd64 Signed Generic Linux kernel image
*****
New kernel, current microcode
admin at ubuntu-1604-microcode-test:~$ uname -a
Linux ubuntu-1604-microcode-test 4.4.0-116-generic #140-Ubuntu SMP Mon Feb 12 21:23:04 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
admin at ubuntu-1604-microcode-test:~$ find /sys/devices/system/cpu/vulnerabilities -type f -print -exec sudo -- cat {} \;
/sys/devices/system/cpu/vulnerabilities/spectre_v1
Mitigation: OSB (observable speculation barrier, Intel v6)
/sys/devices/system/cpu/vulnerabilities/spectre_v2
Mitigation: Full generic retpoline, IBPB (Intel v4)
/sys/devices/system/cpu/vulnerabilities/meltdown
Mitigation: PTI
admin at ubuntu-1604-microcode-test:~$ dmesg | grep -i microcode
[ 0.000000] microcode: CPU0 microcode updated early to revision 0x1f, date = 2018-02-07
[ 0.115812] microcode: CPU1 microcode updated early to revision 0x1f, date = 2018-02-07
[ 2.335679] microcode: CPU0 sig=0x306a9, pf=0x10, revision=0x1f
[ 2.335690] microcode: CPU1 sig=0x306a9, pf=0x10, revision=0x1f
[ 2.335694] microcode: CPU2 sig=0x306a9, pf=0x10, revision=0x1f
[ 2.335736] microcode: CPU3 sig=0x306a9, pf=0x10, revision=0x1f
[ 2.335766] microcode: Microcode Update Driver: v2.01 <tigran at aivazian.fsnet.co.uk>, Peter Oruba
admin at ubuntu-1604-microcode-test:~$ grep -E -- '^IUCODE_TOOL' /etc/default/intel-microcode
IUCODE_TOOL_INITRAMFS=auto
IUCODE_TOOL_SCANCPUS=no
admin at ubuntu-1604-microcode-test:~$ grep -E -- '^(vendor_id|model name|bugs)' /proc/cpuinfo | sort -f -r | uniq
vendor_id : GenuineIntel
model name : Intel(R) Core(TM) i5-3427U CPU @ 1.80GHz
bugs : cpu_meltdown spectre_v1 spectre_v2
*****
Old kernel, current microcode
admin at ubuntu-1604-microcode-test:~$ uname -a
Linux ubuntu-1604-microcode-test 4.4.0-62-generic #83-Ubuntu SMP Wed Jan 18 14:10:15 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
admin at ubuntu-1604-microcode-test:~$ find /sys/devices/system/cpu/vulnerabilities -type f -print -exec sudo -- cat {} \;
find: ‘/sys/devices/system/cpu/vulnerabilities’: No such file or directory
admin at ubuntu-1604-microcode-test:~$ dmesg | grep -i microcode
[ 0.000000] microcode: CPU0 microcode updated early to revision 0x1f, date = 2018-02-07
[ 0.096215] microcode: CPU1 microcode updated early to revision 0x1f, date = 2018-02-07
[ 2.321205] microcode: CPU0 sig=0x306a9, pf=0x10, revision=0x1f
[ 2.322366] microcode: CPU1 sig=0x306a9, pf=0x10, revision=0x1f
[ 2.323511] microcode: CPU2 sig=0x306a9, pf=0x10, revision=0x1f
[ 2.324657] microcode: CPU3 sig=0x306a9, pf=0x10, revision=0x1f
[ 2.326063] microcode: Microcode Update Driver: v2.01 <tigran at aivazian.fsnet.co.uk>, Peter Oruba
admin at ubuntu-1604-microcode-test:~$ grep -E -- '^IUCODE_TOOL' /etc/default/intel-microcode
IUCODE_TOOL_INITRAMFS=auto
IUCODE_TOOL_SCANCPUS=no
*****
New kernel, old microcode
admin at ubuntu-1604-microcode-test:~$ uname -a
Linux ubuntu-1604-microcode-test 4.4.0-116-generic #140-Ubuntu SMP Mon Feb 12 21:23:04 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
admin at ubuntu-1604-microcode-test:~$ find /sys/devices/system/cpu/vulnerabilities -type f -print -exec sudo -- cat {} \;
/sys/devices/system/cpu/vulnerabilities/spectre_v1
Mitigation: OSB (observable speculation barrier, Intel v6)
/sys/devices/system/cpu/vulnerabilities/spectre_v2
Mitigation: Full generic retpoline
/sys/devices/system/cpu/vulnerabilities/meltdown
Mitigation: PTI
admin at ubuntu-1604-microcode-test:~$ dmesg | grep -i microcode
[ 2.363596] microcode: CPU0 sig=0x306a9, pf=0x10, revision=0x1b
[ 2.364781] microcode: CPU1 sig=0x306a9, pf=0x10, revision=0x1b
[ 2.365900] microcode: CPU2 sig=0x306a9, pf=0x10, revision=0x1b
[ 2.367050] microcode: CPU3 sig=0x306a9, pf=0x10, revision=0x1b
[ 2.368490] microcode: Microcode Update Driver: v2.01 <tigran at aivazian.fsnet.co.uk>, Peter Oruba
admin at ubuntu-1604-microcode-test:~$ grep -E -- '^IUCODE_TOOL' /etc/default/intel-microcode
IUCODE_TOOL_INITRAMFS=no
IUCODE_TOOL_SCANCPUS=no
admin at ubuntu-1604-microcode-test:~$ grep -E -- '^(vendor_id|model name|bugs)' /proc/cpuinfo | sort -f -r | uniq
vendor_id : GenuineIntel
model name : Intel(R) Core(TM) i5-3427U CPU @ 1.80GHz
bugs : cpu_meltdown spectre_v1 spectre_v2
*****
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to intel-microcode in Ubuntu.
https://bugs.launchpad.net/bugs/1756633
Title:
Backport request, 16.04 LTS (w/ Spectre/Meltdown fixups)
Status in intel-microcode package in Ubuntu:
Confirmed
Bug description:
Once the post Spectre/Meltdown situation has stabilized, it would be
appreciated if that edition of Intel CPU microcode is backported into
Xenial / 16.04 LTS.
Thanks :-)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/intel-microcode/+bug/1756633/+subscriptions
More information about the foundations-bugs
mailing list