[SOLVED] Risk of applying Intel microcode update for Meltdown/Spectre?

Questions about hardware,drivers and peripherals
Forum rules
Before you post please read how to get help
Post Reply
User avatar
slipstick
Level 5
Level 5
Posts: 785
Joined: Sun Oct 21, 2012 9:56 pm
Location: Somewhere on the /LL0 scale

[SOLVED] Risk of applying Intel microcode update for Meltdown/Spectre?

Post by slipstick » Mon Jan 15, 2018 4:33 am

So far, I've been holding off on applying the microcode update (but I have updated to kernel 4.4.0-109 and FF 57.0.4, and Nvidia driver 384.111) because of reports of problems with the microcode update on Haswell and Broadwell processors (I have a Haswell core i5-4690). Another reason I've delayed is because up until now I really didn't know exactly what microcode did or how it fits into the system.

So here's what I have learned, but not sure if this is all correct, so I would appreciate corrections to any errors you see:

The microcode tells the processor how to interpret the machine language instructions (interfaces between the instructions and the CPU hardware)

The microcode is stored in volatile memory on the CPU and has to be loaded at every boot.

The microcode is normally stored in the UEFI/BIOS firmware, but can be supplied by the OS to override the firmware supplied microcode.

If I receive a firmware update from my computer or motherboard manufacturer containing the updated microcode, there is a possibility of bricking my computer by installing this if something goes wrong during the installation?

If I don't install new UEFI firmware, but let the OS install the microcode, I should be able to recover if something bad happens by booting on a USB stick, installing Timeshift, and then restoring my latest Timeshift snapshot?
Last edited by slipstick on Tue Jan 16, 2018 12:32 am, edited 2 times in total.
In theory, theory and practice are the same. In practice, they ain't.

User avatar
thx-1138
Level 6
Level 6
Posts: 1160
Joined: Fri Mar 10, 2017 12:15 pm
Location: Athens, Greece

Re: Risk of applying Intel microcode update for Meltdown/Spectre?

Post by thx-1138 » Mon Jan 15, 2018 4:45 am

slipstick wrote:If I receive a firmware update from my computer or motherboard manufacturer containing the updated microcode, there is a possibility of bricking my computer by installing this if something goes wrong during the installation?
No - the kernel simply won't load it if it's an earlier revision. In contrast, if there's something that is to worry about & which always contains a certain level of risk, it's the full BIOS update...
If I don't install new UEFI firmware, but let the OS install the microcode, I should be able to recover if something bad happens by booting on a USB stick, installing Timeshift, and then restoring my latest Timeshift snapshot?
Not even - a grub parameter is all that will be needed.

One more note - open a terminal &:

Code: Select all

dmesg | grep microcode
Note the dates / values. After updating the microcode & rebooting, repeat such & compare: theoritically, the date displayed should be at the very least 2007-06-01 or later (as this was the date the flaws were disclosed to Intel). If the date displayed is earlier than that, then it certainly means that Intel hasn't yet included / released a 'corrected' microcode for your model: still though, they might do at some later moment. That's pretty much all there is to it...
Last edited by thx-1138 on Mon Jan 15, 2018 5:01 am, edited 1 time in total.

User avatar
slipstick
Level 5
Level 5
Posts: 785
Joined: Sun Oct 21, 2012 9:56 pm
Location: Somewhere on the /LL0 scale

Re: Risk of applying Intel microcode update for Meltdown/Spectre?

Post by slipstick » Mon Jan 15, 2018 4:55 am

thx-1138 wrote:
slipstick wrote:If I receive a firmware update from my computer or motherboard manufacturer containing the updated microcode, there is a possibility of bricking my computer by installing this if something goes wrong during the installation?
No - the kernel simply won't load it if it's an earlier revision. In contrast, if there's something that is to worry about / always contains a certain level of risk, is the full BIOS update...
The full BIOS update is what I'm worried about - isn't that what I would get if the MB manufacturer supplies new firmware because new microcode is needed?
thx-1138 wrote:
slipstick wrote:]If I don't install new UEFI firmware, but let the OS install the microcode, I should be able to recover if something bad happens by booting on a USB stick, installing Timeshift, and then restoring my latest Timeshift snapshot?
Not even - a grub parameter is all that will be needed.
Thanks for that info - bookmarked!
In theory, theory and practice are the same. In practice, they ain't.

User avatar
thx-1138
Level 6
Level 6
Posts: 1160
Joined: Fri Mar 10, 2017 12:15 pm
Location: Athens, Greece

Re: Risk of applying Intel microcode update for Meltdown/Spectre?

Post by thx-1138 » Mon Jan 15, 2018 5:18 am

slipstick wrote:The full BIOS update is what I'm worried about - isn't that what I would get if the MB manufacturer supplies new firmware because new microcode is needed?
Yes. Generally speaking, for BIOS updates, there's 2 things that need to be checked in advance:
1) That the computer is plugged into the wall socket - electricity doesn't go off while executing the update. Pretty much every BIOS update i've ran in my life explicity states such during the earlier stages of the procedure so that people don't forget to do so.
2) Most BIOS implementations have a setting to allow 'Back Flash' in case something wrong. It's a good habit to have this setting enabled...

In regards to the recent flaws, the updated kernel (plus latest Firefox) pretty much has you covered (and what it doesn't yet have covered, it will with later revisions). So, if the question is should i bother to update the BIOS, should i only install intel-microcode, or should i do both, i'll simply direct you this thread here, and you decide afterwards the plus & the cons...
viewtopic.php?f=61&t=261020

User avatar
slipstick
Level 5
Level 5
Posts: 785
Joined: Sun Oct 21, 2012 9:56 pm
Location: Somewhere on the /LL0 scale

Re: Risk of applying Intel microcode update for Meltdown/Spectre?

Post by slipstick » Mon Jan 15, 2018 5:44 am

Thanks again. Good info in that link. I may not get a BIOS update anyway - checked the Gigabyte site - they have some updates for this, but not for my MB.

1) this is a desktop, so it is not only plugged into the wall, but has a UPS.
2) I'll check my UEFI to see if there is a setting for 'Back Flash' or whatever it's called by the manufacturer.
In theory, theory and practice are the same. In practice, they ain't.

Post Reply

Return to “Hardware Support”