@boombastik : Hello boombastik and thanks a lot for info and link of “adapted” UBU Tool! I’ve modded latest BIOS released by ASRock for my Z97 OC Formula adding latest CPU MC Rev. 23 and now with latest cumulative patch released 03 january (KB4056892 - OS Build 16299.192) my system seems OK:
Cheers, KK
EDIT by Fernando: Fully quoted post replaced by directly addressing and inserted too big picture devided and attached by using the Forum software (to save space, pictures can be enlarged by clicking onto them)
1)Rogue data cache load. This patched software and are ok to go. If your cpu is haswell and newer the windows activates also PCID perfomance optimization and the perfomance hit is smaller. This requires INVPCID (invalidate PCID) that is supported only from Haswell and up.
2)Branch target injection. This need software and firmware update to work as intented. The OS already patched this but to work ok you need and a microcode update.With microcode if u have lower cpu from skylake u will have bigger perfomance impact, because intel has optimized speculation with skylake and after.
Intel has released all these microcodes for this until now: sig 0x000306c3, pf_mask 0x32, 2017-11-20, rev 0x0023, size 23552 sig 0x000306d4, pf_mask 0xc0, 2017-11-17, rev 0x0028, size 18432 sig 0x000306f2, pf_mask 0x6f, 2017-11-17, rev 0x003b, size 33792 sig 0x00040651, pf_mask 0x72, 2017-11-20, rev 0x0021, size 22528 sig 0x000406e3, pf_mask 0xc0, 2017-11-16, rev 0x00c2, size 99328 sig 0x000406f1, pf_mask 0xef, 2017-11-18, rev 0xb000025, size 27648 sig 0x00050654, pf_mask 0xb7, 2017-11-21, rev 0x200003a, size 27648 sig 0x000506c9, pf_mask 0x03, 2017-11-22, rev 0x002e, size 16384 sig 0x000806e9, pf_mask 0xc0, 2017-12-03, rev 0x007c, size 98304 sig 0x000906e9, pf_mask 0x2a, 2017-12-03, rev 0x007c, size 98304
The first one is for haswell and i tested it in two asrock z97 anniverssary motherboards and work ok. I put it in Sonix’s UBU tool if anyone want to try it.I have only tested it in asrock z97 motherboards with haswell refresh cpus. Also killkernel tried it in his asrock formula motherboard and it worked.
GeneO an intel overclocker found from tests that microcode 23 is slower from microcode 22, but i think if someone dont overclock it is the same.
@boombastik : Since you obviously agreed to 100PIER’s proposal to create this new Subforum, I have moved your post about the CPU Microcode Update by using a customized UBU tool into it and gave this thread a hopefully meaningful title. You can change the title at every time yourself by editing the start post. If you should not agree to the movement, please let me know it.
From what I’ve read so far on different mailing lists and articles, for some attack vectors a microcode update is even a prerequisite to be safe (but of course won’t fix it by itself, it needs further OS fixes and in some cases even new software). There is even hectic development in GCC and LLVM going on, Firefox and Chrome as well. The official statement from AMD implied that only one Spectre attack vector could be used (Bounds Check Bypass) which can be resolved by software / OS updates to be made available by system vendors and manufacturers. Hence I think they are far better off from this than Intel. Only a negligible performance impact is expected. Intel on the other hand is exposed on a wider front. And only new unreleased CPUs can solve it adequatly…
… which is not a concern for me as a home user, but I guess AMD will claim some market share in business and enterprise systems this year.
For more performance numbers, this report from the Red Hat Performance Engineering team describes their research into the performance impact of various microcode and kernel patch combinations in a server environment: https://access.redhat.com/articles/3307751
Would you mind listing to steps you used to get from a microcode.dat file to something working in UBU? I’d like to do the same for my 3930k.
EDIT: I’ve gotten the microcode.dat file extracted. Now just to figure out which file is for my CPU and add it to UBU. (I think the ID is "000206D7", but I’m basing that purely off the microcode version reading as 710 in hwinfo64 and that being the only "710" that shows up in the version of UBU I used to update last time.
I extracted this microcode update for my i7 6700K (CPU-ID 506E3 - version C2) from the official UEFI bios update for PRIME-Z270-K-ASUS (version 1002) and successfully updated my Z170 Deluxe (version 3504) UEFI bios:
PS C:\WINDOWS\system32> Get-SpeculationControlSettings Speculation control settings for CVE-2017-5715 [branch target injection]
Hardware support for branch target injection mitigation is present: True Windows OS support for branch target injection mitigation is present: True Windows OS support for branch target injection mitigation is enabled: True
Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware requires kernel VA shadowing: True Windows OS support for kernel VA shadow is present: True Windows OS support for kernel VA shadow is enabled: True Windows OS support for PCID optimization is enabled: True
You can try to read events in event logs. Run Event Viewer, locate log "Applications and Services Logs => Microsoft => Windows => Kernel-WHEA". There are two views there "Errors" and "Operational". Also you can check "Windows Logs => System"
I did not say it is not slower if you don’t overclock, I said that I didn’t see any WHEA errors in limited testing with no overclock. 23h has WHEA internal CPU errors where 22h does not, even when not overclocked but under load. I only bench marked overclocked but I expect 23h is slower than 22h no matter the clock speed. I got 9% slower on realbench @ 4.7 GHz
It’s kinda easy to update the tool so the user gets prompted to choose the correct microcode version (Example Socket 1151): 1. Add the Microcode file to > \UBU\Modules\mCode\1151
2. Rename the files so they look the same as the others example:
3. And then edit the bacthfile under \UBU\Modules\mCode\Sel1151.bat
Kabylake:
1 2 3 4 5 6 7 8 9 10 11
echo Select Microcode for CPU Kabylake (LGA1151) echo. echo 34 Version 34 Date 10-07-2016 echo 3A Version 3A Date 22-08-2016 echo 3C Version 3C Date 05-09-2016 echo 3E Version 3E Date 16-09-2016 echo 42 Version 42 Date 02-10-2016 echo 48 Version 48 Date 15-11-2016 echo 58 Version 58 Date 09-03-2017 echo 5E Version 5E Date 06-04-2017 - Bug fix HT echo 7C Version 7C Date 03-12-2017 - Spectre Update
Find:
1 2
if /I %ec%==5E (set mc1=1151\cpu000906E9_plat2A_ver0000005E_date06-04-2017.bin) && goto mn_skl
Add After:
1 2
if /I %ec%==7C (set mc1=1151\cpu000906E9_plat2A_ver0000007C_date03-12-2017.bin) && goto mn_skl
Skylake:
Find:
1
echo BA Version BA Date 09-04-2017 - Bug fix HT
Add After:
1 2
echo C2 Version C2 Date 16-11-2017 - Spectre Update
Find:
1 2
if /I %ec%==BA (set mc2=1151\cpu000506E3_plat36_ver000000BA_date09-04-2017.bin) && exit /b
Add After:
1
if /I %ec%==C2 (set mc2=1151\cpu000506E3_plat36_ver000000C2_date16-11-2017.bin) && exit /b
Procces is the same for other sockets with there own microcodes!
