Re: [RFC][PATCH] x86/cpu/bugs: Consider having old Intel microcode to be a vulnerability

From: Pawan Gupta
Date: Tue Nov 19 2024 - 14:31:38 EST


On Tue, Nov 19, 2024 at 10:49:21AM -0800, Dave Hansen wrote:
> On 11/19/24 09:45, Pawan Gupta wrote:
> > Sorry for playing the devil's advocate. I am wondering who is the prime
> > beneficiary of this change?
>
> At a very high level, it's for folks with new kernels and old microcode.
>
> It's _very_ normal for someone to report a bug and for us upstream folks
> to ask them to reproduce on the latest mainline. The moment they do
> that, they get the latest microcode list. Folks don't randomly upgrade
> to a new kernel for fun in production. But it's hopefully a very normal
> activity for folks having problems and launching into debug.

Ah, that makes sense.

> In other words, "new kernel / old microcode" might be relatively rare,
> but it still gets used at a *very* critical choke point.

Right.