Updated Amd microcode fixes possible security issue AMD Piledriver CPUs (Fam 15h), such as the Opteron 6300 family of server chips, and specifically CPU microcode versions 0x6000832 and 0x6000836 have a bug that can potentially be exploited by virtual machine guests to hijack host servers. This update provides a new microcode that fixes the issue. SRPMS: microcode-0.20160409-1.mga5.nonfree.src.rpm i586: microcode-0.20160409-1.mga5.nonfree.noarch.rpm x86_64: microcode-0.20160409-1.mga5.nonfree.noarch.rpm Reference: http://seclists.org/oss-sec/2016/q1/450 Note, no CVE is assigned anywhere yet and no ETA for that... For testing.... just test it installs, as the only way to test it is to actually have the hw, and set up virtualization on top and running specific code to try and trigger it...
Blocks: (none) => 18031
After reboot, check eg. # dmesg | grep -i microcode [ 12.222359] microcode: CPU0 sig=0x40651, pf=0x40, revision=0x1c [ 12.288514] microcode: CPU1 sig=0x40651, pf=0x40, revision=0x1c [ 12.288567] microcode: CPU2 sig=0x40651, pf=0x40, revision=0x1c [ 12.288610] microcode: CPU3 sig=0x40651, pf=0x40, revision=0x1c [ 12.288789] microcode: Microcode Update Driver: v2.00 <tigran@aivazian.fsnet.co.uk>, Peter Oruba This is currently the old package, new may be different.
Whiteboard: (none) => has_procedure
Indeed it is different.. mga5 64 $ dmesg | grep -i microcode [ 11.894445] microcode: CPU0 sig=0x40651, pf=0x40, revision=0x1c [ 11.939409] microcode: CPU0 sig=0x40651, pf=0x40, revision=0x1c [ 11.942063] microcode: CPU0 updated to revision 0x1d, date = 2015-08-13 [ 11.942099] microcode: CPU1 sig=0x40651, pf=0x40, revision=0x1c [ 11.942148] microcode: CPU1 sig=0x40651, pf=0x40, revision=0x1c [ 11.943735] microcode: CPU1 updated to revision 0x1d, date = 2015-08-13 [ 11.943749] microcode: CPU2 sig=0x40651, pf=0x40, revision=0x1c [ 11.943793] microcode: CPU2 sig=0x40651, pf=0x40, revision=0x1c [ 11.945370] microcode: CPU2 updated to revision 0x1d, date = 2015-08-13 [ 11.945392] microcode: CPU3 sig=0x40651, pf=0x40, revision=0x1c [ 11.945434] microcode: CPU3 sig=0x40651, pf=0x40, revision=0x1c [ 11.947019] microcode: CPU3 updated to revision 0x1d, date = 2015-08-13 [ 11.947081] microcode: Microcode Update Driver: v2.00 <tigran@aivazian.fsnet.co.uk>, Peter Oruba Testing virtualbox with "Enable VT-x/AMD-V" selected. No regression noted.
Tested on 32bit Intel hw, no problem with firmware loading as before update.
CC: (none) => lists.jjorgeWhiteboard: has_procedure => has_procedure MGA5-32-OK
Testing M5 x64 real EFI hardware with AMD processor & graphics microcode-0.20160409-1.mga5.nonfree Updating this with 4.4 kernel resulted in an unbootable system. Reverting the kernel by re-installing/Update resulted in a bootable system, grep'd dmesg: [ 1.004698] microcode: microcode: updated early to new patch_level=0x05000119 [ 1.049228] microcode: CPU0: patch_level=0x05000119 [ 1.049247] microcode: CPU1: patch_level=0x05000119 So no apparent regression, this update OK according to Comment 0.
CC: (none) => lewyssmithWhiteboard: has_procedure MGA5-32-OK => has_procedure MGA5-32-OK MGA5-64-OK
Validated. Advisory ex Comment 0 uploaded.
Keywords: (none) => validated_updateWhiteboard: has_procedure MGA5-32-OK MGA5-64-OK => has_procedure MGA5-32-OK MGA5-64-OK advisoryCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGAA-2016-0072.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
Blocks: 18031 => (none)