Posts

Exposed: The missing Meltdown/Spectre microcode updates - is Intel lying to the public?

In short:

This document reveals that Intel apparently refuses to release almost half of their Meltdown/Spectre microcode updates (MCU) to the public.


In the "Microcode Revision Guidance" (MRG) are 93 processor families listed. For 16 of these the MCU development has been stopped for various reasons, thus 77 families remain, which we examine.

On April 25 Intel made a new microcode download (MD) available to the public.

Of these 77 families, the MD only supplies 42 (55%) with new microcode files.

35 families (45%) do not get updates. Of these, 25 families the MD lacks any MCU, and for 10 it supplies obsolete MCUs with new file timestamps.

The text analyzes the situation and examines possible reasons why
almost half (45%) of these crucial microcode updates have not been made available to the public, even months after they were declared production quality.

Several appendices containing detailed tables and listings substantiate the text.



(Published by Stefan Blachmann, May 15, 2018)

In t…

Notes for making the sysutils/cpupdate port, testing, review etc

The manual page is currently only as this draft page, as I still have to format it using pod2man, as Eugene suggested.


microcode libraries to be used:
The paths for the are #defined in cpupdate.h.

They are currently set to
/usr/local/share/cpupdate/CPUMicrocodes/primary
         --> gets searched first.
         Intention: Place newest manufacturer's files there.
and
/usr/local/share/cpupdate/CPUMicrocodes/secondary
         --> gets searched if no matching update found in the first directory
         Intention: Place converted platomavs' files into.

The paths above get appended by the manufacturer names, currently defined as

    #define VENDORNAME_INTEL ("Intel")
    #define VENDORNAME_AMD ("AMD")
    #define VENDORNAME_VIA ("VIA")

in cpupdate.h.


So the files downloadable from Intel here in the intel-ucode subdirectory of microcode-20180312.tgz  could be placed in
/usr/local/share/cpupdate/CPUMicrocodes/primary/Intel


The platomav files converted…