On 01/18/18 09:01, Johnny Hughes wrote:
On 01/18/2018 07:51 AM, Phelps, Matthew wrote:
On Thu, Jan 18, 2018 at 5:03 AM, Johnny Hughes <johnny@xxxxxxxxxx> wrote:
So, if we applied the previous microcode update, and all our machines
rebooted OK, then we don't need to fallback?
Also, do we know if the updated CentOS microcode RPM reverted the microcode
for *all* Intel CPUs, or just the ones that had issues? In other words, if
I apply the latest microcode update to our 100+ machines (which all have
the previous update, and are OK) will they revert to a vulnerable state?
It reverted for all .. but, your machines may or may not be protected as
only a subset of machines were updated with the original microcode from
Intel.
It is your call as to what you install .. but the correct method is to
install the current microcode_ctl .. and then research your specific
machine, its CPU, chipset, firmware .. go to the vendor and make sure
you get all the things necessary to mitigate the issues. It will be
different for each CPU vendor (Intel or AMD), each CPU / Chipset combo,
and even each vendor (Dell may have new firmware for x and y but not z
models, etc.)
There is no one size fits all update for this issue.
OK, so color me confused about the timing in all this.
Do we update the microcode now or do we wait until the latest
microcode_ctl rpm is available and then tackle this issue?
--
Unencumbered by the thought process.
-- Click and Clack the Tappet brothers
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos