Re: Downfall microcode update

Reply: Dag-Erling_SmÃ¸rgrav : "Re: Downfall microcode update"
In reply to: Dag-Erling_SmÃ¸rgrav : "Re: Downfall microcode update"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: void <void_at_f-m.fm>
Date: Thu, 10 Aug 2023 00:13:00 UTC

On Wed, Aug 09, 2023 at 11:46:10AM +0200, Dag-Erling Smørgrav wrote:
>Eugene Grosbein <eugen@grosbein.net> writes:
>> cpupdate_enable="YES" # in /etc/rc.conf should be enough
>
>You mean
>
>microcode_update_enable="yes"
>
>DES

What's the proper way then, for intel?

1. install sysutils/cpupdate and enable it in rc.conf ?
2. microcode_update_enable="yes" in rc.conf ?

3. in /boot/loader.conf:
    cpu_microcode_load="YES" 
    cpu_microcode_name="/boot/firmware/intel-ucode.bin"
    ?

All 3 ? Just 1 & 2? Is just #3 sufficient?

Make cron attempt to download updates daily, via service cpupdate download ?

Is CPM needed?

The manpage for cpupdate has this:

CPUPDATE(8)             FreeBSD System Manager's Manual            CPUPDATE(8)

NAME
      cpupdate TO BE DONE: MANPAGE

      FreeBSD 13.2-STABLE            January 15, 2018            FreeBSD 13.2-STABLE
--