Am 17.08.2018 um 09:54 schrieb Moritz Mühlenhoff: > This microcode release happened a week before the disclosure of L1TF and with > all previous CPU bugs, Intel initially only shipped updates to OEMs and only > released general microcode updates weeks/months later. > > Have you been able to confirm (e.g. by testing) that 20180807 implements > changes > necessary for L1TF (such as L1D_FLUSH) or is there some official statement > by Intel on this?
Actually Intel is a bit better prepared this time. 20170703 already contained l1d_flush (in addition to ssbd) for most server CPUs. 20180807 just added more CPU models (mostly desktop products). So yes, I have tested and can confirm this MCU will provide ssbd and l1d_flush on kernels that have support for these features (e.g latest Ubuntu or vanilla) Actual mitigation results may vary as outlined in [1]. Tested models include: Core i/Xeon E3 (SNB, IVB, SKL), Xeon E5 (SNB, IVB, HSW, BDW), Xeon SP (SKL) Best regards, Markus [1] https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/L1TF
