Intel Says Some CPU Models Will Never Receive Microcode Updates

An anonymous reader writes: Intel released an update to the Meltdown and Spectre mitigation guide, revealing that it stopped working on mitigations for some processor series. The Meltdown and Spectre mitigation guide is a PDF document that Intel published in February. The file contains information on the status of microcode updates for each of Intel's CPU models released in the past years. Intel has constantly updated the document in the past weeks with new information about processor series and the microcode firmware version number that includes patches for the Meltdown and Spectre flaws.

An update published on Monday includes for the first time a "Stopped" production status. Intel says that processors with a "Stopped" status will not receive microcode updates. The reasons basically vary from "redesigning the CPU micro-architecture is impossible or not worth the effort" to "it's an old CPU" and "customers said they don't need it." The following Intel processor products received a "Stopped" status marker: Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0, Harpertown Xeon E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale C0, Wolfdale M0, Wolfdale E0, Wolfdale R0, Wolfdale Xeon C0, Wolfdale Xeon E0, Yorkfield, and Yorkfield Xeon.

This is BS.

[Joey+Vegetables]

I'm sorry, but if I'm investing in a high-end, server-class CPU, I expect it to be supported for as long as is reasonably possible. If they said they weren't updating 10 year old Celerons or Atoms, that might be understandable. But Xeons? Let's just say I don't plan to every buy one again, at least so long as AMD represents a reasonable alternative. In fact, I will always stick with AMD (as I long have, for other reasons) until and unless Intel makes some kind of definite, enforceable support commitment.

Re:This is BS.

[Joey+Vegetables]

None of this makes me feel any more inclined to favor Intel over AMD. This isn't their first "brown paper bag" bug and I doubt it will be their last. If only a 3 year warranty is even offered on some of the highest-end chips they made at the time, when some new cars are warrantied for 10, I think that says something really awful about even Intel's own assessment of whether its products can be supported in the long term. AMD may or may not be drastically better, but Intel has set a very low bar, and it is going to take them serious time to earn back my business, assuming they ever do.

Re:This is BS.

[Archtech]

The processor of the PC on which I am writing this is just ten years old. Why do you believe that a ten-year-old processor should not be in use? (You should see my car: it's 18 years old. But then it's a Volvo, properly designed and robustly built).

It's not even as if you can buy processors today that are very much faster than my ancient i7-940. Their price/performance may be better, but guess what? I don't care because I *already paid for mine*. Of course, I am referring to single-core performance which is the limiting factor for most desktop applications. The i7-940 has four cores, which I feel is about right for a desktop - any software that does benefit from parallelism will see a significant speed-up.

Perhaps you are a devotee of the cult of technical progress. In which case you should take a long look at the facts, and understand that Intel microprocessors are not a very good example of such progress.

Re:This is BS.

[Aaden42]

Realistically most enterprise customers use hardware for 3 to a MAXIMUM of 5 years, then it's out the door. Even high-end Xeon CPU's. It's entirely plausible that the bulk of actual enterprise customers(*) don't care.

(*) Note: actual enterprise customers, not nerds who buy surplus servers off eBay to run in their basements.

Disclaimer: I am one such nerd.

Re:This is BS.

[blind+biker]

AMD may or may not be drastically better,

Seeing as though AMD CPUs are not susceptible to Meltdown, I would say they have an enormous advantage over intel's. The fact is that Meltdown, unlike Spectre, is very easily exploitable in practical terms, and is the one people should be actually worried about.

PDF ends with "Intel - Experience what's inside"

[JoeyRox]

Apparently what's inside is the experience of abandonment.

Code names

[H3lldr0p]

Can we get a run down of the retail names for these CPUs? I feel like Intel is running a fast one on us through these code names.

Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0, Harpertown Xeon E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale C0, Wolfdale M0, Wolfdale E0, Wolfdale R0, Wolfdale Xeon C0, Wolfdale Xeon E0, Yorkfield, and Yorkfield Xeon

Are these 2012 or 2014 i5s or i7s? Xeons, are they the server or high end desktop kinds. Did HP or IBM use them in their products? Where should I be looking for more information guys?

Re:Gah please don't shoot us!

[Opportunist]

Live by the QWORD, die by the QWORD.

Re:Old CPU's...and does it matter?

[freeze128]

A BIOS update would certainly be nice, but it's not necessary. The OS can apply microcode updates (both windows and linux) during boot time. Also, these microcode updates don't survive a power-off event. There is no flash memory on the CPU. The OS would need to apply the microcode on every boot, which is what it does.

This is not entirely fair.

[emil]

AMD isn't pushing a Spectre fix for older CPUs. Nor is Qualcomm for Snapdragon. Nor is Samsung for Exynos. We could go on for quite a long time with such a list.

If you need the fix for your i7 which Intel has abandoned (just like all the vendors above), run a modern Linux kernel where you see the file /sys/devices/system/cpu/vulnerabilities/spectre_v2. If this file contains the word "Full" then your kernel is protected, and you don't need microcode.

The microcode is only required on Skylake and newer for full remediation.

Baby I'm Amazed

[jonesy16]

The sheer number of insults being thrown at Intel over this issue is pure amazement. Comparisons to cars (#causeSlashdot) and of course to AMD (#flameon), but it seems to me that there are far too great of expectations for the level of support a company should provide, especially given the sheer complexity of a processor and how it relates to security threats. To expect the design of something like a general purpose CPU to be perfect out of the door and error-free for the next several decades seems ridiculous to me. The claims that people now have to throw away their hardware because of this seem equally ridiculous.

At some point, ANY for-profit company is going to stop supporting an old product, especially in a low-margin environment. The sheer rate of technological advancement almost necessitates that. Let's stop blaming Intel for what is effectively an industry-normal rate of support. Consider that 10 years ago:

We were on the 2.4 Linux Kernel (no longer supported with updates)
Intel Processors were running on LGA775 sockets (NewEgg sells only 2 compatible motherboards directly, both from ASRock. ASUS/Gigabyte/ETC all don't sell compatible motherboards anymore)
We were running RHEL 2/3/4, all of which are no longer supported

But I don't see anyone griping that these other entities are engaged in the practice of forced upgrades, leaving their trusted and loyal customers hanging in the face of growing security concerns. So maybe all the Intel bashing should either subside or should be expanded to the entire industry, but I think the latter is a bit naive. Security threats evolve, new ones are created, old ones forgotten or mitigated. If it were easy, there wouldn't be a dozen new packages to update my OS every day. Remember that Intel can't just push all updates to these older architectures by themselves either, some require BIOS updates and now you're expecting motherboard companies to update a product they haven't touched in a decade as well.

Re:RL Support Timelines

[mckwant]

I hear you, but there are valid reasons for driving a '55 Chevy. I'm a 2000 Civic guy myself, but old cars are pretty, and if mechanic-ing is your thing, Godspeed.

Less confident that's the case here, though. I haven't tracked Intel names for a while now, but got bored/curious, data Wikipedia except for one:

Bloomfield / Bloomfield Xeon: 4c/8t, running 2.4-3.3GHz, produced '08-'11.
Clarksfield: Mobile Quad i7, 1.6-2.0GHz base, 3.2 turbo. 45W TDP, produced '08-11.
Gulftown: 6 cores running 3.2-3.4GHz, production started in '11
Harpertown: Quad core, 2-3.4GHz, produced '07-present
Jasper Forest: Quad core, 1.7-2.4GHz, produced '10-present
Penryn: Mobile C2D, 2-4 cores, 1.2-3GHz, produced '07-'11
SoFIA 3GR: (Intel page) 2W TDP, 1.1GHz Atoms, and that's enough about that
Wolfdale: 2 cores, 2.5-3.5GHz, produced '07-'11
Yorkfield: Quad core, 2.3-3.2GHz, produced '07-'11

What in there is worth the time to refurbish? Bloomfield/Gulftown, we'll talk, maybe, but it would literally have to drop into my lap, come in a fully functioning box, and I'd have to invent a task for it. Even then, finding memory/cards/etc. would be problematic, and you're definitely stuck on USB 2.0. At best. No, I'm not doing the research.

I can see why folks are getting their shorts in a bind, but let's pump the brakes a little bit, anyway. I dunno. Probably just another "Yeah, you're officially old now" moment.