[ale] News: Red Hat slams into reverse on CPU fix for Spectre design blunder

Horkan Smith ale at horkan.net
Thu Jan 18 12:24:15 EST 2018 

TL;DR - some people had problems w/ Ubuntu desktop, others were ok; Intel microcode may be available for Ubuntu but not default.


FWIW (incomplete, hearsay evidence so not much);

We mostly use Ubuntu desktop and derivatives in house (small shop w/ 6-7 active linux users); I heard from 3 that experienced 'issues' after the update - two had multiple apparent freezes-requiring-reboot, one had multiple machines that would boot, but be very slow or unable to open firefox, chromium, or even gnome-terminal & would fail w/ a compiz crash.  Also FWIW, at least two had the 4.13.0-26-generic kernel (Ubuntu 16.04.3 release, 16.04.1 seems to be at 4.4.0-109-generic), and I think they both use the Intel graphics driver.

On the other hand, I've been running the upgrade on both .1 and .3 w/ out issues on 2 Nvidia and 1 AMD machine.  (The AMD may not be good evidence, it's mostly used headless.)  I also tend to use a lightweight DE (LXDE or fvwm).

Also, I'm pretty sure there's an Intel microcode that's considered proprietary, which means you have to explicitly check the 3rd party box to enable it, then install it.  You might also have to turn off secure boot - I know you do for the Nvidia drivers.  I'm not positive if that's the same microcode they patch, however.

later!
   horkan


On Thu, Jan 18, 2018 at 11:29:06AM -0500, DJ-Pfulio via Ale wrote:
>Ubuntu has a microcode package for intel (intel-microcode) or amd CPUs.
>I don't know if that package is included by default or not.  It was
>already installed on my 16.04 laptop and a 14.04.5 server, so when I do
>patch, the updated microcode will come to those systems.
>
>Also, x32 Ubuntu isn't high priority, so people running non-64-bit
>installs shouldn't expect patches until after all the x64 stuff is solved.
>
>On 01/18/2018 11:21 AM, Lightner, Jeffrey via Ale wrote:
>> RHEL was issuing both a kernel patch and a microcode update for CPUs.   It may be other distros weren't doing the microcode update.  In RHEL's reversal they say they did the microcode as a convenience but view it as the chip maker's responsibility.   The reversal was to get rid of the RHEL microcode update and take out optimizations to the kernel that relied upon it.
>>
>> Maybe SUSE and others weren't also providing a microcode update.
>>
>> Note that without a CPU firmware/microcode update you're not protected against Spectre but may be protected against Meltdown.
>>
>>
>> -----Original Message-----
>> From: Ale [mailto:ale-bounces at ale.org] On Behalf Of Beddingfield, Allen via Ale
>> Sent: Thursday, January 18, 2018 11:18 AM
>> To: Jim Kinney; Atlanta Linux Enthusiasts
>> Subject: Re: [ale] News: Red Hat slams into reverse on CPU fix for Spectre design blunder
>>
>> I'm going to throw the question out to some SUSE folks and see what answer I get.  They would be the other one with the resources for independent testing . . .
>>
>> On 1/18/18 10:16 AM, Jim Kinney wrote:
>>> Please check with other distros! RedHat is probably taking a lead in
>>> building a patch as they have resources. I've seen other distros issue
>>> kernel patches after rhel that are rpm based.
>>>
>>> On January 18, 2018 11:12:50 AM EST, "Beddingfield, Allen via Ale"
>>> <ale at ale.org> wrote:
>>>
>>>     So, my question at this point:
>>>     We haven't heard anything similar out of SUSE, and I haven't heard of
>>>     anything in the Debian/Ubuntu world?  Are we to assume we are "good" if
>>>     we have SUSE and Debian/Ubuntu systems patched up, and that it is just
>>>     the RHEL world that can't get their act together?  It seems to me that
>>>     we are likely to hear a "me too" out of the other vendors following Red
>>>     Hat's announcement.  Thoughts?  I'm going to pose the same question to a
>>>     SUSE heavy audience, see what I get, and report back . . .
>>>
>>>     Allen B.
>>>
>>>     On 1/18/18 7:23 AM, DJ-Pfulio via Ale wrote:
>>>
>>>         Red Hat slams into reverse on CPU fix for Spectre design
>>> blunder
>>>
>>>
>>> https://www.theregister.co.uk/2018/01/18/red_hat_spectre_firmware_upda
>>> te_woes/
>>>
>>>         Be careful out there.
>>>
>>>         Anyone seen system instabilities from the different layers of
>>>         patches?
>>>
>>>         I've delayed patching the last few weeks to let others find most
>>>         of the
>>>         issues first. ;)
>>>
>_______________________________________________
>Ale mailing list
>Ale at ale.org
>http://mail.ale.org/mailman/listinfo/ale
>See JOBS, ANNOUNCE and SCHOOLS lists at
>http://mail.ale.org/mailman/listinfo

-- 
Horkan Smith
678-777-3263 cell, ale at horkan.net

More information about the Ale mailing list