"CROSSTalk" CPU vulnerabilty (cross-core data leak)
-
-
Hi do i need to patch my xenserver using AMD EPYC ? Those patches get offered to my AMD nodes by XO.
On intel Xeon nodes it makes sense to me .... -
I would say: always apply patches, but you are free to reboot when you want. Obviously, for you, it won't change anything (no microcode update) but keeping your hosts up to date is a good practice
-
@stormi said in "CROSSTalk" CPU vulnerabilty (cross-core data leak):
Intel just released updated microcode (actually it's a revert) for some models: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases
I'll update the microcode_ctl package.
The "older" microcode that is used instead is still recent enough to contain the fixes against CROSSTalk / SRBDS.Or so I had understood, but I can't find evidence about it.So should I wait applying these updates? You seem to be unsure of which microcode version to distribute.
-
I'm unsure for Skylake. Not for other CPUs.
-
Thanks for the clarification. No Skylake present, so I will proceed.
-
Finally got some time to test your suggestions.
Removing the microcode_ctl package without dependencies did not help.
Here are both initial ramdisks for anyone interested to look at.Reinstalling XCP, then ZFS, then updating all packages worked fine.
-
@demanzke So this time no boot issue after installing the update?
-
@stormi Exactly. Must've been related to something other than just the latest packages.