As the title says:
Microcode for CPUID 206C2 (Westmere EP) not found in latest Microcode data files (4/25/2018)
Maybe this is a slip-up, as the Microcode Update Guidance says that there are two changes:
1) CPUID 206C2 (Westmere EP) Status: Production
2) CPUID 206C2 (Gulftown) Status: Stopped
Microcode Update Guidance (April 2 2018): https://newsroom.intel.com/wp-content/uploads/sites/11/2018/04/microcode-update-guidance.pdf https://newsroom.intel.com/wp-content/uploads/sites/11/2018/04/microcode-update-guidance.pdf
Microcode Data Files (4/25/2018): https://downloadcenter.intel.com/download/27776/Linux-Processor-Microcode-Data-File https://downloadcenter.intel.com/download/27776/Linux-Processor-Microcode-Data-File
CPU in question:
cpu family : 6
microcode : 0x15
model : 44
model name : Intel(R) Xeon(R) CPU E5645 @ 2.40GHz
stepping : 2
iucode_tool: system has processor(s) with signature 0x000206c2
So is this a problem on your end, or something different?
Hello, toffee. Thank you very much for sharing your issue with the Intel Communities Team. I will be more than glad to assist you.
In this case, the only information we have available about this issue is the one provided on the following link: https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysi... https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysi...
This site is constantly being updated so any release about this will be shared on it.
I wrote and tested my microcode update tool https://github.com/kernschmelze/cpupdate cpupdate using a workstation with Westmere EP processors, so I can confirm that the statement that Westmere EP does not support OS loading of microcode updates is utter nonsense, if not an outright lie.
My personal guess the reason why Intel refuses to release the https://www.blackhat.com/docs/us-15/materials/us-15-Domas-The-Memory-Sinkhole-Unleashing-An-x86-Desi... memory sinkhole fix MCU to the public is this:
To have the microcode update fix the memory sinkhole bug fully, it appears necessary to turn off part or all of the Westmere's version of the https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/ IME backdoor.
And so I guess they hand out the microcode only to big players that are willing to sign NDAs, because imagine everybody would deactivate the IME backdoor... spy agencies and organized crime won't be happy.
Obviously problems with syncing the IME backdoor with the first wave of Meltdown/Spectre microcode updates (these released on January 8) were responsible for the reboot issues.
This seems a logical conclusion, as it is well-known that mistakes when tampering with the IME backdoor can cause reboots after 30 minutes.
Anyway, I have done a lot of analysing and researching, because almost 50% of the microcode updates listed in the "Microcode Revision Guidance" are missing in the April 25 microcode download.
Please read https://bsd.denkverbot.info/2018/05/exposed-missing-meltdownspectre.html the document with my findings.
I would appreciate if Intel now would finally release the microcode updates to the public.
Otherwise I'd find appropriate that Intel explains why they refuse to release 45% of the production quality microcode updates to the public.
Because, the public deserves to know the reasons why Intel knowingly and apparently intentionally keeps their customers vulnerable to the Meltdown/Spectre exploits.
Hi Toffee and Snurg,
We've reviewed our internal documentation concerning Westmere EP's ability to support microcode loading by the OS and you are correct, Westmere EP does support OS loadable microcode. Thanks for pointing out the error.
We are also looking at the microcode download to make sure we are providing everything we can. I'll let you know when I have an update on that.
Thanks again for helping us uncover these issues in our documentation and the download.