Unclear On The New MDS Patch
list_freebsd at bluerosetech.com
Tue May 21 02:55:43 UTC 2019
On 2019-05-20 11:11, Tim Daneliuk wrote:
> What about cloud based servers like Digital Ocean FreeBSD droplets? Does
> microcode updating even make sense in that context since the underlying
> system is actually what touches the hardware?
Short answer: no.
Microcode updates use the WRMSR (WRite Model Specific Register)
instruction, which requires ring 0. Intel and AMD virtualization both
emulate ring 0 for guests by pushing the physical ring 0 into a layer
only accessible by the VMM and faking it for guests so they can operate
without paravirtualization. This is visible with software like
msr-tools, where the rdmsr tool works fine but wrmsr appears to have no
effect when run on a guest.
More information about the freebsd-questions