
Intel Ships (hopefully Stable) Microcode for Skylake, Kaby Lake, Coffee Lake - rbanffy
https://arstechnica.com/gadgets/2018/02/intel-ships-hopefully-stable-microcode-for-skylake-kaby-lake-coffee-lake/
======
chapill
I'm disappointed that Intel is getting all the attention here.

ARM64 chips like A72 have meltdown/spectre issues too. Chips like the ones the
current lineup of ARM Chromebooks. Nobody is backporting Meltdown fixes to
kernel before 4.16(?)[1], Google isn't updating Chrome OS kernel from 4.4 for
these Rockchip devices, and that's because the closed source Mali GPU drivers
only work on a fixed kernel version: 4.4. Furthermore, a kernel update isn't
sufficient, there needs to be an update to the firmware too.[2] I suspect this
means the chromebook must be opened, and a write protect screw will need to be
removed to flash a new read only BIOS.

Intel has 32[3] separate class action lawsuits over this issue. AFAIK, nothing
is happening to the companies selling broken hardware, with no fix, or plans
to fix.

Very disappointed.

[1] [http://kroah.com/log/blog/2018/01/06/meltdown-
status/](http://kroah.com/log/blog/2018/01/06/meltdown-status/)

[2] [https://developer.arm.com/support/security-
update](https://developer.arm.com/support/security-update)

[3][https://arstechnica.com/gadgets/2018/02/32-class-action-
suit...](https://arstechnica.com/gadgets/2018/02/32-class-action-suits-filed-
against-intel-over-spectre-and-meltdown-flaws/)

~~~
gruez
>ARM64 chips like A72 have meltdown/spectre issues too.

meltdown/spectre are two different exploits (as much as intel likes to group
the two together distribute blame). meltdown only affects intel.

~~~
chapill
You are wrong. See [2] above. Variant 3a is meltdown. A proof of concept is
here,

[https://github.com/lgeek/spec_poc_arm](https://github.com/lgeek/spec_poc_arm)

I've tried it personally. It is vulnerable.

------
mattst88
Here's the full PDF from Intel, showing the status of microcode updates for
what looks like CPUs going back to what looks like the first 64-bit Core CPUs
-- [https://newsroom.intel.com/wp-
content/uploads/sites/11/2018/...](https://newsroom.intel.com/wp-
content/uploads/sites/11/2018/02/microcode-update-guidance.pdf)

(Disclaimer: I work for Intel, but not on anything related to this and have no
knowledge on the topic outside of this PDF)

------
vbernat
Intel ships, but only to vendors, while they could ship those damn microcodes
directly on their website. We now have to wait for vendors to put those
microcodes in their BIOS and release them...

~~~
mattst88
They release a microcode package for Linux. The kernel will load it from an
initramfs, so no need to flash your BIOS. First lines in my dmesg are:

    
    
       [    0.000000] microcode: microcode updated early to revision 0xc2, date = 2017-11-16
       [    0.000000] Linux version 4.14.14+ (mattst88@p50-ethernet) (gcc version 6.4.0 (Gentoo 6.4.0-r1 p1.3)) #19 SMP Sun Feb 4 00:20:02 PST 2018

~~~
vbernat
As you can see, your update is outdated (from the 20171117 bundle, pre-
Spectre).

------
clra
This might be a silly questions, but it's not addressed by the article, I
don't know the answer, and I suspect I'm not the only one: Is the microcode
update likely to help reverse performance degradations that resulted from
kernel-level remediations?

~~~
tedunangst
No, it adds new branch history controls that let you make things even slower.

------
nedsma
What about Broadwell-E chips?

