Thanks for bringing this to our attention. We are investigating the Spectre
mitigations in our R715/815 BIOS. I'll provide further updates once we are
clear on exactly what's happening.
Dave
-----Original Message-----
From: linux-poweredge-bounces-Lists On Behalf Of linux-poweredge-request-Lists
Sent: Thursday, May 3, 2018 8:58 AM
To: linux-poweredge-Lists
Subject: Linux-PowerEdge Digest, Vol 168, Issue 3
Send Linux-PowerEdge mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.us.dell.com/mailman/listinfo/linux-poweredge
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific than "Re:
Contents of Linux-PowerEdge digest..."
Today's Topics:
1. Re: R815 BIOS updates to mitigate Spectre don't mitigate
Spectre (lejeczek)
2. Re: R815 BIOS updates to mitigate Spectre don't mitigate
Spectre (Paul Menzel)
3. Re: R815 BIOS updates to mitigate Spectre don't mitigate
Spectre (Matt Vander Werf)
----------------------------------------------------------------------
Message: 1
Date: Thu, 3 May 2018 13:04:30 +0100
From: lejeczek <[email protected]>
To: [email protected], [email protected]
Subject: Re: [Linux-PowerEdge] R815 BIOS updates to mitigate Spectre
don't mitigate Spectre
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8; format=flowed
hi Sashi
maybe more frequently!?
maybe, more promptly for such a critical!!! vulnerabilities as spectre/meltdown.
sure you must understand what it means a day, an hour, with system that
exposed, right?
we all relay on DSU, even it it only partly solves a problem, it still is often
a critical part!
many thanks, L.
On 30/04/18 20:11, [email protected] wrote:
> Hi,
>
> Latest R815 BIOS (SWB - PDFYH) is not yet carried in 18.04.00 DSU
> repository(latest available) as it is released after our repository refresh.
> We refresh DSU repository 3rd week of every month.
> Since the current available repository was refreshed on 20th of April, next
> repository refresh (18th of May) shall carry this update.
>
> Regards,
> Sashi
>
> -----Original Message-----
> From: K, Sashi
> Sent: Monday, April 30, 2018 11:12 PM
> To: linux-poweredge-Lists
> Subject: RE: [Linux-PowerEdge] R815 BIOS updates to mitigate Spectre
> don't mitigate Spectre
>
> Hi,
>
> We'll check and get back to you at the earliest.
>
> Regards,
> Sashi
>
> From: linux-poweredge-bounces-Lists On Behalf Of lejeczek
> Sent: 27 April 2018 19:17
> Cc: linux-poweredge-Lists
> Subject: Re: [Linux-PowerEdge] R815 BIOS updates to mitigate Spectre
> don't mitigate Spectre
>
>
>
> On 27/04/18 14:24, Paul Menzel wrote:
>> Dear lejeczek,
>>
>>
>> On 04/27/18 15:18, lejeczek wrote:
>>> more importantly !! why dsu does not find this new BIOS versions -
>>> @dell guys?
>> Why is your issue more important?
> Why?? Maybe because
> https://linux.dell.com/repo/hardware/dsu/ references this mailing list, and
> though not exclusively, mainly Dell tech team is here for that reason.
>
> And nowhere near hijacking - if Dell guys read this they should see
> these are directly connected. And since, I'd imagine most of us here
> use DSU we are disappointed again that we learn again(this way) that
> maintenance of the repo is bit shoddy.(nothing to do whit you)
>
>> And, please be more polite, and do not hijack threads, and follow the
>> netiquette ? [1] is one example.
>>
>> Anyway, from the device page for my system I get with the service
>> tag, I find [2].
>>
>>
>> Kind regards,
>>
>> Paul
>>
>>
>> [1] https://en.opensuse.org/openSUSE:Mailing_list_netiquette
>> [2]
>> http://www.dell.com/support/home/us/en/04/drivers/driversdetails?driv
>> e
>> rId=PDFYH
>>
> _______________________________________________
> Linux-PowerEdge mailing list
> [email protected]
> https://lists.us.dell.com/mailman/listinfo/linux-poweredge
> _______________________________________________
> Linux-PowerEdge mailing list
> [email protected]
> https://lists.us.dell.com/mailman/listinfo/linux-poweredge
------------------------------
Message: 2
Date: Thu, 3 May 2018 15:04:58 +0200
From: Paul Menzel <[email protected]>
To: Matt Vander Werf <[email protected]>
Cc: [email protected]
Subject: Re: [Linux-PowerEdge] R815 BIOS updates to mitigate Spectre
don't mitigate Spectre
Message-ID: <[email protected]>
Content-Type: text/plain; charset="utf-8"; Format="flowed"
Dear Matt,
On 04/30/18 16:44, Matt Vander Werf wrote:
> I did actually test also on an R815 running Opteron 6234 as well, and
> got the same result. Microcode version is different (0x600063d) but
> also did not change with the update.
Thank you for sharing the information.
> Systems running Opteron 6100 series processors wouldn't be included in
> the fixes AMD said they released to OEMs (like Dell), since those are
> pre-"Bulldozer" processors. Also, from what I can tell, they don't
> need microcode updates to mitigate Spectre, since the vulnerable
> features can be disabled with simple OS updates. For those processors,
> the ibp_disable CPU flag will show up after installing latest OS
> updates (see
> https://www.realworldtech.com/forum/?threadid=176206&curpostid=176206
> and second option under AMD defaults at
> https://access.redhat.com/articles/3311301#architectural-defaults-11).
Thank you for the clarification. Indeed, updating the firmware to 3.4.0, the
microcode version is still the same at 0x10000d9 (model 9 stepping 1 ucode
0x10000d9 cpuid 0x100f91). The processor is from March 2010 [1].
> It would be nice if AMD would release microcode updates to the public
> through linux-firmware or on their own site like Intel does (
> https://downloadcenter.intel.com/download/27591/Linux-Processor-Microc
> ode-Data-File?product=873) that users can then apply manually. Sure,
> BIOS updates are always preferred, but having the microcode updates
> would mean we wouldn't have to worry about vendors like Dell releasing
> BIOS updates that work...
Agreed.
> @Dell: Any update/thoughts on this??
To bad, Dell does not answer the question at hand. (The thread hijacking also
did not help.) Did you open a call yet with Dell? Maybe that?s the better route.
Kind regards,
Paul
PS: Your signature separator misses a space after the two dashes to be
automatically stripped by standard mail user agents [1].
> --
> Matt Vander Werf
[1] https://en.wikipedia.org/wiki/Opteron
[2]
https://en.wikipedia.org/wiki/Signature_block#Signatures_in_Usenet_postings
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5174 bytes
Desc: S/MIME Cryptographic Signature
URL:
<http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20180503/f287a891/attachment-0001.p7s>
------------------------------
Message: 3
Date: Thu, 3 May 2018 09:57:27 -0400
From: Matt Vander Werf <[email protected]>
To: Paul Menzel <[email protected]>
Cc: [email protected]
Subject: Re: [Linux-PowerEdge] R815 BIOS updates to mitigate Spectre
don't mitigate Spectre
Message-ID:
<cae6ttt6mmf6naz54kf56m3qnqnovdo0ztmxfmuhmh0ace8f...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Hi Paul,
Someone from Dell did say they were at least looking into it [1].
I also did reach out to our account manager (sent them the links to the posts
to this list) and they said they were reaching out to the product group to see
what was going on too.
We'll see what comes of any of this.
However, it does seem like the R815 3.4.0 BIOS update page [2] that Dell's
Meltdown/Spectre page links to is no longer working...maybe it got pulled?
The Meltdown/Spectre page hasn't been updated yet though (still links to the
same 3.4.0 BIOS update page) [3].
So, we may see some updates soon...hopefully...
Thanks.
[1] http://lists.us.dell.com/pipermail/linux-poweredge/2018-May/051704.html
[2] http://www.dell.com/support/home/us/en/04/drivers/
driversdetails?driverId=PDFYH
[3] http://www.dell.com/support/article/us/en/04/sln308588/
microprocessor-side-channel-vulnerabilities-cve-2017-5715-
cve-2017-5753-cve-2017-5754-impact-on-dell-emc-products-
dell-enterprise-servers-storage-and-networking-?lang=en#bios
--
Matt Vander Werf
HPC System Administrator
University of Notre Dame
Center for Research Computing - Union Station
506 W. South Street
South Bend, IN 46601
On Thu, May 3, 2018 at 9:04 AM, Paul Menzel <[email protected]> wrote:
> Dear Matt,
>
>
> On 04/30/18 16:44, Matt Vander Werf wrote:
>
> I did actually test also on an R815 running Opteron 6234 as well, and
>> got the same result. Microcode version is different (0x600063d) but
>> also did not change with the update.
>>
>
> Thank you for sharing the information.
>
> Systems running Opteron 6100 series processors wouldn't be included
>> in the fixes AMD said they released to OEMs (like Dell), since those
>> are pre-"Bulldozer" processors. Also, from what I can tell, they
>> don't need microcode updates to mitigate Spectre, since the
>> vulnerable features can be disabled with simple OS updates. For those
>> processors, the ibp_disable CPU flag will show up after installing
>> latest OS updates (see https://www.realworldtech.com/
>> forum/?threadid=176206&curpostid=176206
>> and second option under AMD defaults at
>> https://access.redhat.com/arti cles/3311301#architectural-defaults-11).
>>
>
> Thank you for the clarification. Indeed, updating the firmware to
> 3.4.0, the microcode version is still the same at 0x10000d9 (model 9
> stepping 1 ucode 0x10000d9 cpuid 0x100f91). The processor is from March 2010
> [1].
>
> It would be nice if AMD would release microcode updates to the
>> public through linux-firmware or on their own site like Intel does (
>> https://downloadcenter.intel.com/download/27591/Linux-Proces
>> sor-Microcode-Data-File?product=873)
>> that users can then apply manually. Sure, BIOS updates are always
>> preferred, but having the microcode updates would mean we wouldn't
>> have to worry about vendors like Dell releasing BIOS updates that
>> work...
>>
>
> Agreed.
>
> @Dell: Any update/thoughts on this??
>>
>
> To bad, Dell does not answer the question at hand. (The thread
> hijacking also did not help.) Did you open a call yet with Dell? Maybe
> that?s the better route.
>
>
> Kind regards,
>
> Paul
>
>
> PS: Your signature separator misses a space after the two dashes to be
> automatically stripped by standard mail user agents [1].
>
> --
>> Matt Vander Werf
>>
>
>
> [1] https://en.wikipedia.org/wiki/Opteron
> [2] https://en.wikipedia.org/wiki/Signature_block#Signatures_in_
> Usenet_postings
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20180503/7fe973b4/attachment.html>
------------------------------
Subject: Digest Footer
_______________________________________________
Linux-PowerEdge mailing list
[email protected]
https://lists.us.dell.com/mailman/listinfo/linux-poweredge
------------------------------
End of Linux-PowerEdge Digest, Vol 168, Issue 3
***********************************************
_______________________________________________
Linux-PowerEdge mailing list
[email protected]
https://lists.us.dell.com/mailman/listinfo/linux-poweredge
