<div dir="ltr"><div dir="ltr"><div class="gmail_default" style="font-family:monospace,monospace">On Thu, Jun 18, 2020 at 9:33 AM Orion Poplawski <<a href="mailto:orion@nwra.com">orion@nwra.com</a>> wrote:<br></div></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hello -<br>
<br>
I was poking around and noticed some differences in microcode output in dmesg<br>
between the stock EL7 kernel and kernel-lt:<br>
<br>
dmesg-3.10.0-1127.10.1.el7.x86_64:<br>
[ 0.000000] microcode: microcode updated early to revision 0xd6, date =<br>
2019-10-03<br>
[ 5.997673] microcode: sig=0x406e3, pf=0x80, revision=0xd6<br>
[ 5.998518] microcode: Microcode Update Driver: v2.01<br>
<<a href="mailto:tigran@aivazian.fsnet.co.uk" target="_blank">tigran@aivazian.fsnet.co.uk</a>>, Peter Oruba<br>
[ 0.000000] microcode: microcode updated early to revision 0xd6, date =<br>
2019-10-03<br>
[ 6.035419] microcode: sig=0x406e3, pf=0x80, revision=0xd6<br>
[ 6.035503] microcode: Microcode Update Driver: v2.01<br>
<<a href="mailto:tigran@aivazian.fsnet.co.uk" target="_blank">tigran@aivazian.fsnet.co.uk</a>>, Peter Oruba<br>
[ 25.411983] microcode: updated to revision 0xdc, date = 2020-04-27<br>
<br>
dmesg-4.4.227-1.el7.elrepo.x86_64:<br>
[ 0.052043] SRBDS: Vulnerable: No microcode<br>
[ 0.052066] MDS: Vulnerable: Clear CPU buffers attempted, no microcode<br>
[ 1.807176] microcode: CPU0 sig=0x406e3, pf=0x80, revision=0xc6<br>
[ 1.807189] microcode: CPU1 sig=0x406e3, pf=0x80, revision=0xc6<br>
[ 1.807210] microcode: CPU2 sig=0x406e3, pf=0x80, revision=0xc6<br>
[ 1.807230] microcode: CPU3 sig=0x406e3, pf=0x80, revision=0xc6<br>
[ 1.807312] microcode: Microcode Update Driver: v2.01<br>
<<a href="mailto:tigran@aivazian.fsnet.co.uk" target="_blank">tigran@aivazian.fsnet.co.uk</a>>, Peter Oruba<br>
<br>
This leads me to believe that the microcode is not getting updated when using<br>
the elrepo lt kernel. Is that expected?<br>
<br>
Thanks,<br>
<br>
Orion<br></blockquote><div><br></div><div style="font-family:monospace,monospace" class="gmail_default">Looks like the explanation is in the posttrans scriptlet of microcode_ctl.</div><div style="font-family:monospace,monospace" class="gmail_default"><br></div><div style="font-family:monospace,monospace" class="gmail_default">rpm -q --scripts microcode_ctl</div><div style="font-family:monospace,monospace" class="gmail_default"><br></div><div style="font-family:monospace,monospace" class="gmail_default">[quote]</div><div style="font-family:monospace,monospace" class="gmail_default">...<br></div><div style="font-family:monospace,monospace" class="gmail_default"># For RPM selection, kernel flavours (like "debug" or "kdump" or "zfcp",<br># with only the former being relevant to x86 architecture) are a part or RPM<br># name; it's also a part of uname, with different separator used in RHEL 6/7<br># and RHEL 8. RT kernel, however, is special, as "rt" is another part<br># of RPM name and it has its own versioning scheme both in NVR and uname.<br># And there's the kernel package split in RHEL 8, so one should look for *-core<br># and not the main package.</div><div style="font-family:monospace,monospace" class="gmail_default">pkgs="kernel kernel-debug kernel-rt kernel-rt-debug"<br></div><div style="font-family:monospace,monospace" class="gmail_default">...<br></div><div style="font-family:monospace,monospace" class="gmail_default">[/quote]</div><div style="font-family:monospace,monospace" class="gmail_default"><br></div><div style="font-family:monospace,monospace" class="gmail_default">Therefore, initramfs will not be regenerated for kernel-ml or kernel-lt.</div><div style="font-family:monospace,monospace" class="gmail_default"><br></div><div style="font-family:monospace,monospace" class="gmail_default">By the way, the microcode file name as shown by the lsinitrd command is:</div><div style="font-family:monospace,monospace" class="gmail_default"><br></div><div style="font-family:monospace,monospace" class="gmail_default">kernel/x86/microcode/GenuineIntel.bin (Intel)</div><div style="font-family:monospace,monospace" class="gmail_default"><br></div><div style="font-family:monospace,monospace" class="gmail_default">or</div><div style="font-family:monospace,monospace" class="gmail_default"><br></div><div style="font-family:monospace,monospace" class="gmail_default">kernel/x86/microcode/AuthenticAMD.bin (AMD)</div><div style="font-family:monospace,monospace" class="gmail_default"><br></div><div style="font-family:monospace,monospace" class="gmail_default">Akemi<br></div></div></div>