Trying to mitigate meltdown and spectre: followed this guide (http://guide) for update the microcode:
* CPU microcode is the latest known available version: NO (latest version is 0x7030106 dated 2018/02/09 according to builtin MCExtractor DB v112 - 2019/05/22)
# pkg install devcpu-data
# vi /boot/loader.conf
# cat /boot/loader.conf
cpu_microcode_load="YES"
cpu_microcode_name="/boot/firmware/intel-ucode.bin"
# reboot
but when I reboot the loader.conf is resetted by default, and microcode was not updated. Is there a way for disable the rewrite protection and then enable after update it?
There's a note for your convenience at the top of loader.conf...
# head /boot/loader.conf
##############################################################
# This file was auto-generated using the rc.loader facility. #
# In order to deploy a custom change to this installation, #
# please use /boot/loader.conf.local as it is not rewritten, #
# or better yet use System: Settings: Tunables from the GUI. #
##############################################################
loader_brand="opnsense"
loader_logo="hourglass"
loader_menu_title=""
Cheers,
Franco
Owww thanks, and sorry
No worries. :)
Cheers,
Franco