Intel microcode seems to have moved to github.
|Reported by:||Owned by:|
As I noted on -dev and -support, the intel site we link to for microcode is not up to date. Although it has a link to a release from earlier this year, the release we link to does not show as out of date. The newer release there does show that, but links back to the earlier version.
The current version can be found on the releases link from https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/ and the current tarball for the latest versions is https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/archive/microcode-20190514.tar.gz
These versions, in conjunction with the kernel versions released yesterday, should address the Microarchitectural Data Sampling side-channel attacks publicised yesterday.
Please look at the rst documentation in the kernel patches for more details of the many variants which apply to different intel CPUs, and the status of mitigations.
For a brief summary, see https://xenbits.xen.org/xsa/advisory-297.html. This mostly affects VMs.
Because of this, flagging as high priority. At the moment, I do not have time to work on this.