Amd or Intel? Here's a procedure for the intel microcode if you are using a generic kernel and an initrd. The Amd procedure would be similar and less steps, but someone who's done it for Amd will have to comment on it.
-Install intel-microcode and iucode_tool from slackbuilds.org
-create /boot/intel-ucode.img for your specific cpu (smaller cpio image)
Code:
iucode_tool -Ll -S --write-earlyfw=/boot/intel-ucode.img /lib/firmware/intel-ucode
-I recommend creating an /etc/mkinitrd.conf and adding a "MICROCODE_ARCH=" line as follows. Note that I also add the btrfs module here and the sed/findmnt combination will replace ROOTDEV with whatever you have specified in /etc/fstab for /. In my case that's the UUID.
Code:
/usr/share/mkinitrd/mkinitrd_command_generator.sh -c |sed "s#ROOTDEV.*#ROOTDEV=\"`findmnt -sn -o SOURCE /`\"#" > /etc/mkinitrd.conf
# I've found that this line isn't actually needed, but is still useful as a reminder.
Code:
echo 'MICROCODE_ARCH="/boot/intel-ucode.img"' >> /etc/mkinitrd.conf
-if you haven't also updated the kernel then you can just run
Now you can reboot. I would save the before/after output of the "spectre-meltdown-checker.sh" script to compare.
Now that you know how, do you really want to slow down your cpu? How likely is it that any of those attacks can be used on your system?