On Sun, 2017-05-28 at 19:50 -0600, JD wrote:
Is fedora providing this?
-------- Forwarded Message --------
Subject: Re: Intel / AMD CPU Microcode Updates Required For
Security
Date: Sun, 28 May 2017 23:52:46 +0000
From: Ben Woods <woodsb02(a)gmail.com>
To: RW <rwmaillists(a)googlemail.com>, freebsd-questions@freebs
d.org,
freebsd-security(a)freebsd.org
On Mon, 29 May 2017 at 7:35 am, RW via freebsd-questions <
freebsd-questions(a)freebsd.org> wrote:
> On Sun, 28 May 2017 17:53:01 -0400
> grarpamp wrote:
>
> > Blobs that fix exploitable things may be slightly better than
> > blobs.
> > Awareness should be raised, and updates applied to systems.
> >
> > # sysutils/devcpu-data New Microcode Released for Intel / AMD
> >
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219268
>
> Is there a standard way to run cpucontrol? There doesn't seem to be
> an
> rc.d script.
There is an rc script installed with this port:
https://svnweb.freebsd.org/ports/head/sysutils/devcpu-data/files/micr
ocode_update.in?view=markup
Regards,
Ben
> --
Yes, Fedora does provide intel and amd x86 processor microcode updates.
(in linux-firmware (amd (/lib/firmware/amd-ucode), and intel
(microcode-ctl) (/lib/firmware/intel-ucode)) And it uses linux early
microcode way of loading microcode (It is prepended (at least I think
it is) to initramfs):
[bgrubic@quad ~]$ cpio -t -F initramfs-4.11.3-300.fc26.x86_64.img
.
early_cpio
kernel
kernel/x86
kernel/x86/microcode
kernel/x86/microcode/GenuineIntel.bin
58 blocks
Also on boot (kernel log) you possibly can see something like this:
[ 0.000000] microcode: microcode updated early to revision 0xba,
date = 2010-10-03
[ 0.810945] microcode: sig=0x6fb, pf=0x10, revision=0xba
[ 0.811007] microcode: Microcode Update Driver: v2.2.