Slashdot Mirror
Intel Says Some CPU Models Will Never Receive Microcode Updates (bleepingcomputer.com)
An anonymous reader writes: Intel released an update to the Meltdown and Spectre mitigation guide, revealing that it stopped working on mitigations for some processor series. The Meltdown and Spectre mitigation guide is a PDF document that Intel published in February. The file contains information on the status of microcode updates for each of Intel's CPU models released in the past years. Intel has constantly updated the document in the past weeks with new information about processor series and the microcode firmware version number that includes patches for the Meltdown and Spectre flaws.
An update published on Monday includes for the first time a "Stopped" production status. Intel says that processors with a "Stopped" status will not receive microcode updates. The reasons basically vary from "redesigning the CPU micro-architecture is impossible or not worth the effort" to "it's an old CPU" and "customers said they don't need it." The following Intel processor products received a "Stopped" status marker: Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0, Harpertown Xeon E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale C0, Wolfdale M0, Wolfdale E0, Wolfdale R0, Wolfdale Xeon C0, Wolfdale Xeon E0, Yorkfield, and Yorkfield Xeon.
An update published on Monday includes for the first time a "Stopped" production status. Intel says that processors with a "Stopped" status will not receive microcode updates. The reasons basically vary from "redesigning the CPU micro-architecture is impossible or not worth the effort" to "it's an old CPU" and "customers said they don't need it." The following Intel processor products received a "Stopped" status marker: Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0, Harpertown Xeon E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale C0, Wolfdale M0, Wolfdale E0, Wolfdale R0, Wolfdale Xeon C0, Wolfdale Xeon E0, Yorkfield, and Yorkfield Xeon.
I'm sorry, but if I'm investing in a high-end, server-class CPU, I expect it to be supported for as long as is reasonably possible. If they said they weren't updating 10 year old Celerons or Atoms, that might be understandable. But Xeons? Let's just say I don't plan to every buy one again, at least so long as AMD represents a reasonable alternative. In fact, I will always stick with AMD (as I long have, for other reasons) until and unless Intel makes some kind of definite, enforceable support commitment.
Nonaggression works!
Apparently what's inside is the experience of abandonment.
I work at intel, please!
Please note, that just because it receives a microcode update, doesn't mean it's secure. The processors are still buggy as hell.
"First they came for the slanderers and i said nothing."
BIZX says âoeSlashdot will never receive Unicode updates.â Ainâ(TM)t nobody got time for that!
Can we get a run down of the retail names for these CPUs? I feel like Intel is running a fast one on us through these code names.
Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0, Harpertown Xeon E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale C0, Wolfdale M0, Wolfdale E0, Wolfdale R0, Wolfdale Xeon C0, Wolfdale Xeon E0, Yorkfield, and Yorkfield Xeon
Are these 2012 or 2014 i5s or i7s? Xeons, are they the server or high end desktop kinds. Did HP or IBM use them in their products? Where should I be looking for more information guys?
You must not be a programmer.
According to programmer logic, the equivalent way of looking at your statement is that his cock is as big as his brain.
Doesn't sound so nearly bad now, does it?
'Intel says that processors with a "Stopped" status will not receive microcode updates. The reasons basically vary from "redesigning the CPU micro-architecture is impossible or not worth the effort" to "it's an old CPU" and "customers said they don't need it."'
Well, I am writing this on an Intel Core i-7 940, and I *do* need it. I paid quite a lot for this PC (although a while ago) and I don't see why I should not expect it to work reliably.
In general, moreover, it seems axiomatic that anyone who owns and is using one of those processors marked "Stopped" does need a fix.
It seems that Intel is ready to admit that it was (and may be still) unable to design and build processors that were dependably secure in normal operation.
Also that it is willing to let its customers down without compensation.
I am sure that there are many other solipsists out there.
AFAIK, these microcode updates need to be incorporated into a bios update.
Is Dell or HP going to release a new bios/mcode update for 5 year old systems? I doubt it.
And most of these cpu's are 8-10 years old.
Cue the AMD fanboys who aren't getting updates for 8 year old AMD cpu flaws either.
the deafening cacophony of cheers and laughter as class action suit attorneys joined hands together again in a fit of glorious praise. For today, the Intel legal team had truly blessed them with a bountiful harvest. Yes, truly, the second summer home in the Hamptons would see a new wet bar and game room after all.
Good people go to bed earlier.
It's okay. Who wants updates anyway? ### REFUND ### is the word! ;-)
Intel has so many CPUs that they can't even keep track of all of them.
They listed the old Core 2 Duo of my Mac mini as STOPPED (shocking, I know), but I can't even find the i5-4660 of my gaming PC in the document.
#DeleteFacebook
I've never heard most of the code names in the list. How am I supposed to match these to the names in my laptop's manual? What are the names or IDs reported by hwinfo or cpuid on Linux?
Why is CPU identification such a mess to the average user? Is it because I'm not supposed to know my laptop actually contains an inferior variant of a powerful processor?
Really wish Apple had gone with AMD.
New wish. Apple should buy Intel for their fabs and shut the rest down.
That's BULLSHIT. These CPUs are everywhere and still very serviceable for 99% of tasks they are used for. I'm not a gamer why do I need a faster CPU?
That's a ten your old chip, so I'm not surprised they won't support it.
Time to upgrade, just vote with your money and buy AMD.
Are the new i5, i7 and i9 CPUs also vulnerable to these flaws?
#DeleteFacebook
You can still buy parts for a 1955 Chevy or a 1964 Ford Mustang so why not an old computer?
For all the noise about "The Environment" you can do more by just using things as long as possible.
...didn't realize Trump worked for Intel's marketing department ;)
On a more serious note, the real reason is kinda two-fold:
* The marketing ROI is crap for many of these CPU models, to the point where the goodwill generated is gonna be way too low for the effort required to implement the fixes in them.
* The second reason can be summed up as "...maybe it's time to for you to buy some new gear...", which is still pretty much in Intel's favor (of course there's always going to be folks who get pissy enough about it to buy AMD CPU gear, but I'm betting that since most folks only see these fixes as a hindrance, the number of people going to AMD over this is not much more than statistical noise...)
Quo usque tandem abutere, Nimbus, patientia nostra?
As long as "Full generic retpoline" is reported in the /sys/devices/system/cpu/vulnerabilities/spectre_v2 file, Spectre (and likely Meltdown) are not a concern.
The best was to accomplish that for Red Hat environments is to install Oracle's kernel RPM for the "Unbreakable Enterprise Kernel" (UEK).
AMD isn't pushing a Spectre fix for older CPUs. Nor is Qualcomm for Snapdragon. Nor is Samsung for Exynos. We could go on for quite a long time with such a list.
If you need the fix for your i7 which Intel has abandoned (just like all the vendors above), run a modern Linux kernel where you see the file /sys/devices/system/cpu/vulnerabilities/spectre_v2. If this file contains the word "Full" then your kernel is protected, and you don't need microcode.
The microcode is only required on Skylake and newer for full remediation.
Do you think that ARM will be replacing all the Cortex A75s that are vulnerable to the full range of Meltdown and Spectre vulnerabilities? Are we sure that Apple's ARM implementations will have superior security architecture?
We guarantee car because they have a single purpose which is relatively constrained in its use case, and usually have a very long usage time before technology obsolete them, compared to cpu which are general purpose , and technology relatively take them over (9 years is an eternity for chips).
Or that unpleasant feeling of fullness while being raped?
Aah, change is good. -- Rafiki
Yeah, but it ain't easy. -- Simba
OpenBSD just got this capability also.
$ rpm -qi microcode_ctl | tail -3
The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode.
None of this makes me feel any more inclined to favor Intel over AMD. This isn't their first "brown paper bag" bug and I doubt it will be their last.
AMD has bugs in their chips too. They're vulnerable to Spectre as well.
If only a 3 year warranty is even offered on some of the highest-end chips they made at the time, when some new cars are warrantied for 10
You only see a 10 year warranty on powertrains (which seldom break) and even then it isn't a 10 year warranty, It's typically a 10 year OR 100,000 mile warranty, whichever comes first. The comprehensive warranties are 3-5 years OR 30-50K miles.
I think that says something really awful about even Intel's own assessment of whether its products can be supported in the long term.
Find me ANY large chip maker offering support on a ten year old chip. Why would they offer support on chips that by computer industry standards are ancient when none of their competitors do either? AMD certainly isn't offering 10 year warranties.
AMD may or may not be drastically better, but Intel has set a very low bar, and it is going to take them serious time to earn back my business, assuming they ever do.
Sounds to me like you already preferred AMD and were just looking for a reason to bash Intel. If you prefer AMD that's fine. They make good products in general and I'd have no quarrel with someone choosing AMD chips. But if you think AMD is going to be any better on the support front than Intel you are being naive.
Please be aware there are many class action lawsuits against Intel on these and related flaws. Search for Intel class action spectre meltdown to find one local to you. Intel's handling of this has been ridiculous from the start: ignoring the issue, downplaying it, stalling, failing to disclose and now refusing to fix it without compensation. Fix coming soon forever and then almost a year later we get oh this looks like too much work to fix so we are giving up; please buy a computer.
Their designs compromise public safety. There is no time limit to that. Unreal!
processors do not identify to an operating system as "FurTongue Hyper," they identify with some alphanumeric code. so it does no good to say FurTongue45 is supported and DirtyTail6 is not. the whole thing is a load of nonsense that hides what's under the hood. a pox on all chipmakers' houses.
if this is supposed to be a new economy, how come they still want my old fashioned money?
We still have a perfectly working IBM X336 and a 3 * X3850 (m1) you insensitive cold
The sheer number of insults being thrown at Intel over this issue is pure amazement. Comparisons to cars (#causeSlashdot) and of course to AMD (#flameon), but it seems to me that there are far too great of expectations for the level of support a company should provide, especially given the sheer complexity of a processor and how it relates to security threats. To expect the design of something like a general purpose CPU to be perfect out of the door and error-free for the next several decades seems ridiculous to me. The claims that people now have to throw away their hardware because of this seem equally ridiculous.
At some point, ANY for-profit company is going to stop supporting an old product, especially in a low-margin environment. The sheer rate of technological advancement almost necessitates that. Let's stop blaming Intel for what is effectively an industry-normal rate of support. Consider that 10 years ago:
We were on the 2.4 Linux Kernel (no longer supported with updates)
Intel Processors were running on LGA775 sockets (NewEgg sells only 2 compatible motherboards directly, both from ASRock. ASUS/Gigabyte/ETC all don't sell compatible motherboards anymore)
We were running RHEL 2/3/4, all of which are no longer supported
But I don't see anyone griping that these other entities are engaged in the practice of forced upgrades, leaving their trusted and loyal customers hanging in the face of growing security concerns. So maybe all the Intel bashing should either subside or should be expanded to the entire industry, but I think the latter is a bit naive. Security threats evolve, new ones are created, old ones forgotten or mitigated. If it were easy, there wouldn't be a dozen new packages to update my OS every day. Remember that Intel can't just push all updates to these older architectures by themselves either, some require BIOS updates and now you're expecting motherboard companies to update a product they haven't touched in a decade as well.
But now they say its ok because it was 10 yeard ago now so were cool right?
Fuck you NSA-cocksuckers.
Sounds like a refund is in order, then. My vendor shouldn't be able to arbitrarily decide that fixing a design flaw is too tedious for them when that flaw exposes me to real danger and/or requires me to purchase a replacement. I mean... what the fuck? What possible motivation do they have to do things right going forward if they aren't responsible for their fuck-ups?
Captcha: viruses
How else is Intel going to get even richer? Users that run old hardware, simply because it is still good enough are a plague in Intel's profits! This is a perfectly fine opportunity to force them to upgrade and should not be missed.
In completely unrelated news, I am currently planning to get a nice new Ryzen 2 system when they become available.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
If I ran a PC refurb company I wouldn't be too happy with Intel today
So that's just a few weeks from (an of course premature and ill-conceived) "oh, my server's CPU doesn't seem to be affected" (because in the beginning of the spectre/meltdown aftermath it wasn't even on Intel's official list) to "oh, my server's CPU not only is very much affected indeed, it won't even get the necessary microcode anymore". And no, that server is definitely not being used in a closed environment. And no, it is neither uncommon nor unreasonable to use ten-year-old servers for purposes which need limited horsepower, while still profiting from all the bells and whistles of a server like a lights-out feature with its own network interface and a full-fledged RAID controller.
Thank you, Intel, for giving me such a determining reason for future purchase decisions, the next of which seems to be closer than I thought until a few minutes ago (or wanted, for that matter).
In the first generation mobile Core i processors (i7-xxx and i5-xxx), the low end ones (i7-6xx, i5-4xx, i3-3xx) are fixed, but the higher end ones (i7-7xx, i7-8xx, i7-9xx) are being stopped. Same is true with the desktop processors.
I suspect that's a matter of what's architecturally viable to fix as opposed to *ahem* marketing considerations. Perhaps the processor in question has more aggressive speculative execution baked into the hardware that's difficult (if possible at all) to mitigate.
I'll admit a certain amount of distrust of Intel right now. They did not behave as I expected them to.
Seriously not meaning to sound snide but perhaps your expectations are unrealistic? I think there is no reasonable basis to expect AMD would have behaved any differently than Intel in the same situation. Intel has done pretty much exactly what I expected them or any rational profit seeking company to do.
* The second reason can be summed up as "...maybe it's time to for you to buy some new gear...", which is still pretty much in Intel's favor (of course there's always going to be folks who get pissy enough about it to buy AMD CPU gear, but I'm betting that since most folks only see these fixes as a hindrance, the number of people going to AMD over this is not much more than statistical noise...)
To me, the "customers said they don't need it" part (when applied to Bloomfield and Gulftown) sounds like "the crowd who's spent hundreds of dollars for a few % speed increase would wilfully opt out of the performance-crippling patches anyway". Though I've seen a few posts here contradicting that line of reasoning.
Running a old Dell T5400 with the dual Harpertowns that I picked up used. No microcode patch to slow me down, no sir!
Dual quad cores running at 3Ghz. That's like 24Ghz right?
Average Intelligence is a Scary Thing
These are the Core 2 and very first Core I series processors from 8 to 10 years ago.
Hour long are they expected to keep updating microcode? Especially when apparently their customers that pretty for support don't want too bother with these old CPUs
if your "system" means a new motherboard, maybe. If you are responsible for a couple of dozen installations of "Windows for Warships", and specification to commissioning takes most of 10 years, you are not a happy bunny. In fact, you may feel more like a chocolate bunny at Easter.
There are a very large number of situations where replacement is extremely expensive.
Intel need to be very severely punished for obsoleting pinouts and not providing (paid) replacements that fit the same socket. I would like to see the weight of an entire warship dropped on Intel from a great height for their constant forcing socket changes. I would probably support mediaeval torture, lynch mobs or other cruel and inhuman punishments for their CEO for having both 1155 and 1156 pin sockets. That was just so spiteful and arrogant, as well as technically immature.
also I7 no ecc less pci-e less ram channels lower ram cap.
"Intel- Experience when it's inside you with no lube"
"Intel announces policy aimed at inducing more people to buy new Intel products"
Because, what else are you gonna do? Mmm, sweet monoculture.
I miss the golden days of "Socket 7", when I went for what seemed like almost 10 years by just swapping CPUs (at one point, keeping the current cpu & replacing the mobo with another socket 7 mATX board for some reason I can't remember. No matter how hard Intel tried to kill it, everyone else treated it like a de-facto standard & it just became even MORE entrenched until PC-100 ram finally became too limiting (and expensive... from what I recall, 128mb of pc100 cost about 2-3x as much as 128mb of pc133 or DDR-1, to the point where you could pay for a new mobo with the ram savings alone).
They're not kidding when they say "sometimes its impossible". Microcode is NOT general purpose code. There's only so much you can do with microcode, and it often involves just messing with voltage timings and gates that are already part of the silicon. Granted, I'm sure some supply-demand / cost/benefit analysis is going on, but please challenge the assumption that they can just 'fix the bug' with microcode updates.
You largely can't reprogram what the CPU's underlying silicon actually does, using microcode. People keep talking about it like its some complete programming language. It is not.
a better analogy would be that it is similar to a program that is running the system for controlling railroad track switching. You can make the trains do a lot by making them switch tracks and change direction and so forth, but there's only so much you can do - the tracks they go on and the location of the switches are pre-set.
Oh never mind, the 'customers said they don't need it' was paraphrased from the following sentence in TFA: 'Based on customer inputs, most of these products are implemented as “closed systems” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.' So that makes it more likely they were actually referring to the 'SoFIA 3GR': a low-powered Atom part.