On Mon, Jan 15, 2018 at 12:58 PM, Chris Murphy <lists@xxxxxxxxxxxxxxxxx> wrote: > On Fri, Jan 12, 2018 at 2:28 PM, Chris Murphy <lists@xxxxxxxxxxxxxxxxx> wrote: >> On Fri, Jan 12, 2018 at 2:00 PM, Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> wrote: >>> On Fri, Jan 12, 2018 at 3:31 PM, Chris Murphy <lists@xxxxxxxxxxxxxxxxx> wrote: >>>> Koji contains linux-firmware-20171215-82.git2451bb22.fc27 which >>>> contains intel-ucode from 20171117. But I don't know if this firmware >>>> contains the microcode required to completely secure from Spectre >>>> variant 2. >>> >>> Intel CPU microcode is not provided by the linux-firmware package. It >>> is shipped in the microcode_ctl package. >> >> Huh. So I have updates-testing enabled but I have >> microcode_ctl-2.1-19.fc27 still. And microcode_ctl-2.1-20.fc27 is >> stable. > > This showed up in today's batch of updates in GNOME Software, but I > did not get a notification for it. In fact I haven't received a > notification for software updates in probably two weeks. I'd like to > think this particular microcode update would be tagged as an urgent > update. > > If microcode is updated, but the initramfs isn't regenerated, so the > newer microcode get loaded later in the boot process once available? > Or does it have to be in the initramfs? I can't remember if systemd does this now by default or not. The best option is to regen the initramfs. josh _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
