Yet another Intel issue

    grantm Staff
    Posts: 3
    Member since: Dec 16
    Contact:  

    Hi all,

    So it turns out there is unfortunately another major bug within Intel's CPU architecture, that this time specifically affects multi-tennant environments. Bad news for any cloud provider! Fortunately we have been on the case and have put a patch live already. However we also recommend that everyone else does the same. We have a good blog post explaining a bit more here: https://www.civo.com/blog/intel-s-latest-security-vulnerability-our-steps-and-yours If anyone wants to ask any questions or just have a rant at Intel (I did as they made me do the late night change ;) ) Feel free to share your thoughts about it here.

    Post liked by RickyL zacharym
    3 months ago
    Posts: 4
    Member since: May 17
    Contact:  

    Hi Grant,

    Wondering, did you guys update the microcode on the compute nodes via the intel-microcode or microcode_ctl package via your distro's package manager? From what I understand that needs to be done along with the kernel upgrade and disabling hyperthreading. Is hyperthreading disabled as well now? If so, wondering what the performance hit is to compute nodes.

    Post liked by grantm
    3 months ago
    grantm Staff
    Posts: 3
    Member since: Dec 16
    Contact:  

    Hi Zachary,

    Thanks for reaching out! We have indeed updated the intel-microcode package as that was also needed along with the kernel patching. We have disabled hyperthreading for now ( just as a precautionary measure ) although there are not thought to be any "Real world attacks" that can affect this at the moment. If we get the all clear from Intel we will enable it again. I have seen a bit of a performance hit of around 5%, but luckily as we use the Intel Gold CPU's we have enough cores and power that hopefully customers such as yourself wont notice the difference too much.

    Intel do like keeping us all on our toes it seems ;)

    3 months ago