search

liske / needrestart

Restart daemons after library updates.
GNU General Public License v2.0
426 stars 67 forks source link

Microcode unknown on virtualized OS #268

Closed rpajik closed 1 year ago

rpajik commented 1 year ago

I got issue after upgrade Debian to Bookworm for testing. Needrestart return microcode unknown instead of the system is virtualized via kvm/qemu.

#needrestart -w -v
[main] eval /etc/needrestart/needrestart.conf
[main] needrestart v3.6
[main] running in root mode
[Core] Using UI 'NeedRestart::UI::stdio'...
[main] systemd detected
[ucode] using NeedRestart::uCode::AMD
[ucode] using NeedRestart::uCode::Intel
[uCode/AMD] #0 cpu vendor id mismatch
[uCode/Intel] #0 current revision: 0x0001
+ iucode_tool --scan-system
+ grep -oE [^[:space:]]+$
+ sig=0x00000f61
+ [ -r /sys/devices/system/cpu/cpu0/microcode/processor_flags ]
+ filter=-S
+ test -r /etc/needrestart/iucode.sh
+ . /etc/needrestart/iucode.sh
+ type bsdtar
+ IUCODE_TOOL_EXTRA_OPTIONS=
+ test -r /etc/default/intel-microcode
+ test  = no
+ [ -r /usr/share/misc/intel-microcode* ]
+ iucode_tool -l -S --ignore-broken -tb /lib/firmware/intel-ucode
+ grep 0x00000f61
Use of uninitialized value $processor in concatenation (.) or string at /usr/share/perl5/NeedRestart/uCode.pm line 61.
[ucode] # did not get available microcode version

Failed to check for processor microcode upgrades.

cpuinfo:

processor   : 0
vendor_id   : GenuineIntel
cpu family  : 15
model       : 6
model name  : Common KVM processor
stepping    : 1
microcode   : 0x1
cpu MHz     : 2499.998
cache size  : 16384 KB
physical id : 0
siblings    : 8
core id     : 0
cpu cores   : 8
apicid      : 0
initial apicid  : 0
fpu     : yes
fpu_exception   : yes
cpuid level : 13
wp      : yes
flags       : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault pti
bugs        : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit mmio_unknown
bogomips    : 4999.99
clflush size    : 64
cache_alignment : 128
address sizes   : 40 bits physical, 48 bits virtual
power management:

microcode processor flag:

stat /sys/devices/system/cpu/cpu0/microcode/processor_flags
stat: cannot statx '/sys/devices/system/cpu/cpu0/microcode/processor_flags': No such file or directory

Debian Bullseye works as expected:

#needrestart -w -v
[main] eval /etc/needrestart/needrestart.conf
[main] needrestart v3.5
[main] running in root mode
[Core] Using UI 'NeedRestart::UI::stdio'...
[main] systemd detected
[main] vm detected
[main] inside container or vm, skipping microcode checks
janit42 commented 1 year ago

I'm seeing something similar in an ancient RHEL 7 VM (release 7.9, Kernel 3.10.0-1160.88.1.el7.x86_64) with needrestart v3.6:

# needrestart -wv
[main] eval /etc/needrestart/needrestart.conf
[main] needrestart v3.6
[main] running in root mode
[Core] Using UI 'NeedRestart::UI::stdio'...
[main] systemd detected
[ucode] using NeedRestart::uCode::AMD
[ucode] using NeedRestart::uCode::Intel
[uCode/AMD] #0 cpu vendor id mismatch
[uCode/Intel] #0 current revision: 0xb000040
++ iucode_tool --scan-system
++ grep -oE '[^[:space:]]+$'
+ sig=0x000406f1
+ '[' -r /sys/devices/system/cpu/cpu0/microcode/processor_flags ']'
+ filter=-S
+ test -r /etc/needrestart/iucode.sh
+ . /etc/needrestart/iucode.sh
+ type bsdtar
+ IUCODE_TOOL_EXTRA_OPTIONS=
+ test -r /etc/default/intel-microcode
+ . /etc/default/intel-microcode
++ IUCODE_TOOL_EXTRA_OPTIONS=--ignore-broken
+ test '' = no
+ '[' -r '/usr/share/misc/intel-microcode*' ']'
+ iucode_tool -l -S --ignore-broken --ignore-broken -tb /lib/firmware/intel-ucode
+ grep 0x000406f1
Use of uninitialized value $processor in concatenation (.) or string at /usr/share/perl5/vendor_perl/NeedRestart/uCode.pm line 59.

However, on the same RHEL 7.9 version on a physical host, the output ist partly similar, I'll put it here in case it may help to dug down on the error:

# needrestart -wv
[main] eval /etc/needrestart/needrestart.conf
[main] needrestart v3.6
[main] running in root mode
[Core] Using UI 'NeedRestart::UI::stdio'...
[main] systemd detected
[ucode] using NeedRestart::uCode::AMD
[ucode] using NeedRestart::uCode::Intel
[uCode/AMD] #0 cpu vendor id mismatch
[uCode/Intel] #0 current revision: 0x001f
++ iucode_tool --scan-system
++ grep -oE '[^[:space:]]+$'
+ sig=0x000206c2
+ '[' -r /sys/devices/system/cpu/cpu0/microcode/processor_flags ']'
++ cat /sys/devices/system/cpu/cpu0/microcode/processor_flags
+ filter='-s 0x000206c2,0x1'
+ test -r /etc/needrestart/iucode.sh
+ . /etc/needrestart/iucode.sh
+ type bsdtar
+ IUCODE_TOOL_EXTRA_OPTIONS=
+ test -r /etc/default/intel-microcode
+ . /etc/default/intel-microcode
++ IUCODE_TOOL_EXTRA_OPTIONS=--ignore-broken
+ test '' = no
+ '[' -r '/usr/share/misc/intel-microcode*' ']'
+ iucode_tool -l -s 0x000206c2,0x1 --ignore-broken --ignore-broken -tb /lib/firmware/intel-ucode
+ grep 0x000206c2
Use of uninitialized value $processor in concatenation (.) or string at /usr/share/perl5/vendor_perl/NeedRestart/uCode.pm line 59.
[ucode] # did not get available microcode version
[uCode/AMD] #1 cpu vendor id mismatch
[uCode/Intel] #1 current revision: 0x001f
++ iucode_tool --scan-system
++ grep -oE '[^[:space:]]+$'
+ sig=0x000206c2
+ '[' -r /sys/devices/system/cpu/cpu0/microcode/processor_flags ']'
++ cat /sys/devices/system/cpu/cpu0/microcode/processor_flags
+ filter='-s 0x000206c2,0x1'
+ test -r /etc/needrestart/iucode.sh
+ . /etc/needrestart/iucode.sh
+ type bsdtar
+ IUCODE_TOOL_EXTRA_OPTIONS=
+ test -r /etc/default/intel-microcode
+ . /etc/default/intel-microcode
++ IUCODE_TOOL_EXTRA_OPTIONS=--ignore-broken
+ test '' = no
+ '[' -r '/usr/share/misc/intel-microcode*' ']'
+ iucode_tool -l -s 0x000206c2,0x1 --ignore-broken --ignore-broken -tb /lib/firmware/intel-ucode
+ grep 0x000206c2
Use of uninitialized value $processor in concatenation (.) or string at /usr/share/perl5/vendor_perl/NeedRestart/uCode.pm line 59.
[ucode] # did not get available microcode version

Failed to check for processor microcode upgrades.
jcharaoui commented 1 year ago

Same issue here. On a standard Debian bookworm kvm installation (which includes systemd), needrestart does not detect the virtualised environment. Installing the libimvirt-perl package works around the problem.

jcharaoui commented 1 year ago

This seems to have been fixed here 27bf4678bb92f68dfadd04ab04e96cba6ea2c376, but it has not been released, and so is not present in Debian.

liske commented 1 year ago

This seems to have been fixed here 27bf467, but it has not been released, and so is not present in Debian.

Yes, this was fixed by #248

I'm closing this issue as it is fixed upstream. Unfortunately I don't know if the patch will be ported to bookworm.