microcode_ctl/update_ucode

324 lines
7.4 KiB
Plaintext
Raw Permalink Normal View History

#! /bin/bash -eu
# Maintain kernel-version-specific symlinks in /lib/firmware based on
# configuration present in /usr/share/microcode_ctl/ucode_with_caveats.
#
# SPDX-License-Identifier: CC0-1.0
export LC_ALL=C
usage()
{
echo "Usage: update_ucode [--action {add|remove|refresh|list}]" \
"[--kernel KERNELVER]* [--verbose] [--dry-run]" \
"[--cleanup intel_ucode caveats_ucode]" \
"[--skip-common] [--skip-kernel-specific]" >&2
}
debug() { [ 0 = "$verbose" ] || echo "$*" >&2; }
# Calls find only if the first argument exists and is a directory.
# Avoids spurious "find: '...' No such file or directory" for the directories
# that may not exist.
find_d() { [ \! -d "$1" ] || find "$@"; }
MC_DIR=/usr/share/microcode_ctl
INTEL_UCODE_DIR=intel-ucode
DATA_DIR=/usr/share/microcode_ctl/ucode_with_caveats
FW_DIR=/lib/firmware
check_caveats=/usr/libexec/microcode_ctl/check_caveats
action=refresh
kernel=
verbose=0
verbose_opt=
dry_run=0
remove_cleanup=0
cleanup_intel=
cleanup_caveats=
skip_common=0
skip_caveats=0
while [ 1 -le "$#" ]; do
case "$1" in
-C|--skip-common)
skip_common=1
;;
-K|--skip-kernel-specific)
skip_caveats=1
;;
-a|--action)
shift
action="$1"
;;
-k|--kernel)
shift
kernel="$kernel $1"
;;
-v|--verbose)
verbose=1
verbose_opt="-v"
;;
-n|--dry-run)
dry_run=1
;;
-c|--cleanup)
remove_cleanup=1
shift
cleanup_intel="$1"
shift
cleanup_caveats="$1"
;;
*)
echo "Unknown argument \"$1\"" >&2
usage
exit 1
esac
shift
done
cmd=
[ 0 -eq "$dry_run" ] || cmd=echo
case "$action" in
add|remove|refresh|list)
# Scan all directories in FW_DIR and all existing kernels
if [ -z "$kernel" ]; then
debug "No kernel versions provided, scanning..."
kvers=$(find_d /lib/modules/ -name '[2-9].*' -print)
for k_dir in $kvers; do
k="${k_dir#/lib/modules/}"
Update Intel CPU microcode to microcode-20240531 release - Update Intel CPU microcode to microcode-20240531 release, addresses CVE-2023-22655, CVE-2023-23583. CVE-2023-28746, CVE-2023-38575, CVE-2023-39368, CVE-2023-42667, CVE-2023-43490, CVE-2023-45733, CVE-2023-46103, CVE-2023-49141: - Addition of 06-aa-04/0xe6 (MTL-H/U C0) microcode at revision 0x1c; - Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) at revision 0x4121; - Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) at revision 0x4121; - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-08) at revision 0x4121; - Addition of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-08) at revision 0x4121; - Addition of 06-ba-08/0xe0 microcode at revision 0x4121; - Addition of 06-cf-01/0x87 (EMR-SP A0) microcode at revision 0x21000230; - Addition of 06-cf-02/0x87 (EMR-SP A1) microcode (in intel-ucode/06-cf-01) at revision 0x21000230; - Addition of 06-cf-01/0x87 (EMR-SP A0) microcode (in intel-ucode/06-cf-02) at revision 0x21000230; - Addition of 06-cf-02/0x87 (EMR-SP A1) microcode at revision 0x21000230; - Removal of 06-8f-04/0x10 microcode at revision 0x2c000290; - Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision 0x2b0004d0; - Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-04) at revision 0x2c000290; - Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) at revision 0x2c000290; - Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-04) at revision 0x2c000290; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xb4 up to 0xb6; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from revision 0xf8 up to 0xfa; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xf4 up to 0xf8; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xf4 up to 0xf6; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xf4 up to 0xf6; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xfa up to 0xfc; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000181 up to 0x1000191; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003604 up to 0x4003605; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003604 up to 0x5003605; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002703 up to 0x7002802; - Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision 0xe000014 up to 0xe000015; - Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x38 up to 0x3e; - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003b9 up to 0xd0003d1; - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000268 up to 0x1000290; - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x3e up to 0x42; - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x22 up to 0x24; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xc2 up to 0xc4; - Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x34 up to 0x36; - Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x4e up to 0x50; - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x10 microcode from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x17 up to 0x19; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision 0x430 up to 0x433; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in intel-ucode/06-9a-03) from revision 0x430 up to 0x433; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in intel-ucode/06-9a-04) from revision 0x430 up to 0x433; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x430 up to 0x433; - Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x5 up to 0x7; - Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x24000024 up to 0x24000026; - Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf8 up to 0xfa; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf8 up to 0xfa; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf8 up to 0xfa; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf8 up to 0xfa; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision 0xf8 up to 0xfa; - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x5d up to 0x5e; - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x11d up to 0x123; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision 0x411c up to 0x4121; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-02) from revision 0x411c up to 0x4121; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-03) from revision 0x411c up to 0x4121; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x411c up to 0x4121; - Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x12 up to 0x17; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x32 up to 0x35. * .gitignore: Replace /microcode-20231009.tar.gz entry with /microcode-20240531.tar.gz. * 0001-releasenote.md-eliminate-usage-of-U-0080.patch * 0002-releasenote.md-eliminate-most-of-the-trailing-whites.patch: Remove. * 0003-releasenote.md-remove-excess-Release-Notes-headers.patch: Likewise. * 0004-releasenote.md-sort-the-entries-of-the-20230808-rele.patch: Likewise. * 0005-releasenote.md-fix-incorrect-platform-mask-for-RPL-H.patch: Likewise. * 0006-releasenote.md-fix-stepping-for-RPL-S.patch: Likewise. * 0007-releasenote.md-add-missing-06-ba-03-e0-to-the-new-mi.patch: Likewise. * 0008-releasenote.md-remove-the-duplicating-06-9e-0c-22-re.patch: Likewise. * 0009-releasenote.md-fix-old-revisions-for-06-8e-09-10-and.patch: Likewise. * 0010-releasenote.md-add-old-revisions-for-06-be-00-11-06-.patch: Likewise. * 0011-releasenote.md-add-stub-release-notes-for-microcode-.patch: Likewise. * 06-8c-01_readme: Add a checksum for revision 0xb6. * 06-8e-9e-0x-0xca_readme: Add checksum for new microcode revisions of 06-8e-0c and 06-9e-0[9acd] CPUIDs. * 06-8e-9e-0x-dell_readme: Likewise. * codenames.list: Add descriptors for signatures a06a4 (06-aa-04, MTL), c06f1 (06-cf-01, EMR-SP A0), and c06f2 (06-cf-02, EMR-SP A1). * microcode_ctl.spec (intel_ucode_version): Bump to 20240531. (Source0): Add the URL back. (Patch0001, Patch0002, Patch0003, Patch0004, Patch0005, Patch0006, Patch0007, Patch0008, Patch0009, Patch0010, Patch0011): Remove. (%prep): Don't apply the patches. (%changelog): Add a record. * sources: Replace microcode-20231009.tar.gz record with microcode-20240531.tar.gz. * update_ucode: Also check for symvers.xz in addition to symvers.gz. Resolves: RHEL-30861 Resolves: RHEL-30864 Resolves: RHEL-30867 Resolves: RHEL-30870 Resolves: RHEL-30873 Resolves: RHEL-41094 Resolves: RHEL-41109 Signed-off-by: Eugene Syromiatnikov <esyr@redhat.com>
2024-07-29 16:04:22 +00:00
[ ! -e "${k_dir}/symvers.gz" -a ! -e "${k_dir}/symvers.xz" ] || {
debug " Adding $k (from /lib/modules)"
kernel="$kernel $k"
}
done
kvers=$(find_d /lib/firmware/ -name '[2-9].*' -print)
for k_dir in $kvers; do
k="${k_dir#/lib/firmware/}"
[ ! -d "$k_dir" ] || {
debug " Adding $k (from /lib/firmware)"
kernel="$kernel $k"
}
done
kernel=$(printf "%s" "$kernel" | xargs -n 1 | sort -u)
fi
;;
*)
echo "Unknown action \"$action\"" >&2
usage
exit 1
;;
esac
# Generic part: managing intel ucode
debug "Running action \"$action\" on common Intel microcode directory"
while :; do
[ 0 -eq "$skip_common" ] || break
[ ! -e "/etc/microcode_ctl/intel-ucode-disallow" ] || {
debug " Skipping \"$i\":" \
"\"/etc/microcode_ctl/intel-ucode-disallow\"" \
"present"
break
}
[ ! -e "$FW_DIR/intel-ucode-disallow" ] || {
debug " Found \"$FW_DIR/intel-ucode-disallow\"," \
"skipping"
break
}
# Removing old files
case "$action" in
refresh|remove|list)
debug " Removing old files from ${FW_DIR}/${INTEL_UCODE_DIR}"
if [ 0 = "$remove_cleanup" ]; then
find_d "${MC_DIR}/${INTEL_UCODE_DIR}" \
-maxdepth 1 -mindepth 1 \
-type f -printf '%f\n'
else
cat "$cleanup_intel"
fi | while read -r fname; do
name="${FW_DIR}/${INTEL_UCODE_DIR}/${fname}"
# Needed in case we downgrade to a version where
# no symlinks in /lib/firmware were used
if [ 1 = "$remove_cleanup" ]; then
[ -L "$name" ] || continue
fi
[ "xlist" != "x$action" ] || {
echo "$name"
continue
}
$cmd rm -f $verbose_opt "$name"
done
[ "xlist" = "x$action" ] || {
# Removing possible dangling symlinks
find_d "${FW_DIR}/${INTEL_UCODE_DIR}" \
-maxdepth 1 -mindepth 1 \
-type l -printf '%p\n' \
| while read -r fname; do
[ -e "$fname" ] || {
debug " Removing danging symlink \"$fname\""
$cmd rm -f $verbose_opt "$fname"
}
done
$cmd rmdir -p $verbose_opt \
"${FW_DIR}/${INTEL_UCODE_DIR}" 2>/dev/null \
|| true
}
;;
esac
# Adding new ones
case "$action" in
add|refresh)
debug " Creating symlinks in ${FW_DIR}/${INTEL_UCODE_DIR}"
$cmd mkdir -p $verbose_opt "${FW_DIR}/${INTEL_UCODE_DIR}"
$cmd find "${MC_DIR}/${INTEL_UCODE_DIR}" -maxdepth 1 -mindepth 1 \
-type f -exec bash -c 'ln -fs '"$verbose_opt"' '\''{}'\'' \
"'"${FW_DIR}/${INTEL_UCODE_DIR}/"'$(basename '\''{}'\'')"' \;
;;
esac
break
done
debug "Running action \"$action\" on kernels $kernel"
if [ 0 = "$remove_cleanup" ]; then
ls "$DATA_DIR"
else
cat "$cleanup_caveats"
fi | while read -r i; do
[ 0 -eq "$skip_caveats" ] || break
debug "Processing data directory \"$i\"..."
for k in $(echo "$kernel"); do
debug " Processing kernel version \"$k\""
{
out=$($check_caveats -k "$k" -c "$i" $verbose_opt)
ret="$?"
} || :
paths=$(printf "%s" "$out" | sed -n 's/^paths //p')
ignore=$(printf "%s" "$out" | sed -n 's/^skip_cfgs //p')
[ -z "$ignore" ] || {
debug " Configuration is ignored, skipping"
continue
}
case "$action" in
remove|refresh|list)
[ "xlist" = "x$action" ] || \
debug " Removing \"$paths\" (part of $action)..."
for p in $(printf "%s" "$paths"); do
find_d "$DATA_DIR/$i" -path "$DATA_DIR/$i/$p" \
-printf "%P\n"
done | while read -r path; do
[ -e "$FW_DIR/$k/readme-$i" ] || {
debug " \"$FW_DIR/$k/readme-$i\"" \
"is not found, skipping" \
"\"$paths\" removal"
break
}
if [ "xlist" = "x$action" ]; then
echo "$FW_DIR/$k/$path"
else
debug " Removing \"$FW_DIR/$k/$path\""
$cmd rm -f $verbose_opt "$FW_DIR/$k/$path"
$cmd rmdir -p $verbose_opt \
"$FW_DIR/$k/$(dirname $path)" 2>/dev/null \
|| true
fi
done
if [ -e "$FW_DIR/$k/readme-$i" ]; then
if [ "xlist" = "x$action" ]; then
echo "$FW_DIR/$k/readme-$i"
else
$cmd rm -f $verbose_opt \
"$FW_DIR/$k/readme-$i"
$cmd rmdir -p $verbose_opt \
"$FW_DIR/$k" 2>/dev/null || true
fi
fi
;;
esac
[ 0 -eq "$ret" ] || {
debug " Checking for caveats failed" \
"(kernel version \"$k\"), skipping"
continue
}
[ -n "$paths" ] || {
debug " List of paths to add is empty, skipping"
continue
}
case "$action" in
add|refresh)
debug " Adding $paths (part of $action)..."
Update Intel CPU microcode to microcode-20240531 release - Update Intel CPU microcode to microcode-20240531 release, addresses CVE-2023-22655, CVE-2023-23583. CVE-2023-28746, CVE-2023-38575, CVE-2023-39368, CVE-2023-42667, CVE-2023-43490, CVE-2023-45733, CVE-2023-46103, CVE-2023-49141: - Addition of 06-aa-04/0xe6 (MTL-H/U C0) microcode at revision 0x1c; - Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) at revision 0x4121; - Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) at revision 0x4121; - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-08) at revision 0x4121; - Addition of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-08) at revision 0x4121; - Addition of 06-ba-08/0xe0 microcode at revision 0x4121; - Addition of 06-cf-01/0x87 (EMR-SP A0) microcode at revision 0x21000230; - Addition of 06-cf-02/0x87 (EMR-SP A1) microcode (in intel-ucode/06-cf-01) at revision 0x21000230; - Addition of 06-cf-01/0x87 (EMR-SP A0) microcode (in intel-ucode/06-cf-02) at revision 0x21000230; - Addition of 06-cf-02/0x87 (EMR-SP A1) microcode at revision 0x21000230; - Removal of 06-8f-04/0x10 microcode at revision 0x2c000290; - Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision 0x2b0004d0; - Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-04) at revision 0x2c000290; - Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) at revision 0x2c000290; - Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-04) at revision 0x2c000290; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xb4 up to 0xb6; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from revision 0xf8 up to 0xfa; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xf4 up to 0xf8; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xf4 up to 0xf6; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xf4 up to 0xf6; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xfa up to 0xfc; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000181 up to 0x1000191; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003604 up to 0x4003605; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003604 up to 0x5003605; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002703 up to 0x7002802; - Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision 0xe000014 up to 0xe000015; - Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x38 up to 0x3e; - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003b9 up to 0xd0003d1; - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000268 up to 0x1000290; - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x3e up to 0x42; - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x22 up to 0x24; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xc2 up to 0xc4; - Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x34 up to 0x36; - Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x4e up to 0x50; - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x10 microcode from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x17 up to 0x19; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision 0x430 up to 0x433; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in intel-ucode/06-9a-03) from revision 0x430 up to 0x433; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in intel-ucode/06-9a-04) from revision 0x430 up to 0x433; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x430 up to 0x433; - Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x5 up to 0x7; - Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x24000024 up to 0x24000026; - Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf8 up to 0xfa; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf8 up to 0xfa; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf8 up to 0xfa; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf8 up to 0xfa; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision 0xf8 up to 0xfa; - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x5d up to 0x5e; - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x11d up to 0x123; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision 0x411c up to 0x4121; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-02) from revision 0x411c up to 0x4121; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-03) from revision 0x411c up to 0x4121; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x411c up to 0x4121; - Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x12 up to 0x17; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x32 up to 0x35. * .gitignore: Replace /microcode-20231009.tar.gz entry with /microcode-20240531.tar.gz. * 0001-releasenote.md-eliminate-usage-of-U-0080.patch * 0002-releasenote.md-eliminate-most-of-the-trailing-whites.patch: Remove. * 0003-releasenote.md-remove-excess-Release-Notes-headers.patch: Likewise. * 0004-releasenote.md-sort-the-entries-of-the-20230808-rele.patch: Likewise. * 0005-releasenote.md-fix-incorrect-platform-mask-for-RPL-H.patch: Likewise. * 0006-releasenote.md-fix-stepping-for-RPL-S.patch: Likewise. * 0007-releasenote.md-add-missing-06-ba-03-e0-to-the-new-mi.patch: Likewise. * 0008-releasenote.md-remove-the-duplicating-06-9e-0c-22-re.patch: Likewise. * 0009-releasenote.md-fix-old-revisions-for-06-8e-09-10-and.patch: Likewise. * 0010-releasenote.md-add-old-revisions-for-06-be-00-11-06-.patch: Likewise. * 0011-releasenote.md-add-stub-release-notes-for-microcode-.patch: Likewise. * 06-8c-01_readme: Add a checksum for revision 0xb6. * 06-8e-9e-0x-0xca_readme: Add checksum for new microcode revisions of 06-8e-0c and 06-9e-0[9acd] CPUIDs. * 06-8e-9e-0x-dell_readme: Likewise. * codenames.list: Add descriptors for signatures a06a4 (06-aa-04, MTL), c06f1 (06-cf-01, EMR-SP A0), and c06f2 (06-cf-02, EMR-SP A1). * microcode_ctl.spec (intel_ucode_version): Bump to 20240531. (Source0): Add the URL back. (Patch0001, Patch0002, Patch0003, Patch0004, Patch0005, Patch0006, Patch0007, Patch0008, Patch0009, Patch0010, Patch0011): Remove. (%prep): Don't apply the patches. (%changelog): Add a record. * sources: Replace microcode-20231009.tar.gz record with microcode-20240531.tar.gz. * update_ucode: Also check for symvers.xz in addition to symvers.gz. Resolves: RHEL-30861 Resolves: RHEL-30864 Resolves: RHEL-30867 Resolves: RHEL-30870 Resolves: RHEL-30873 Resolves: RHEL-41094 Resolves: RHEL-41109 Signed-off-by: Eugene Syromiatnikov <esyr@redhat.com>
2024-07-29 16:04:22 +00:00
[ -e "/lib/modules/$k/symvers.gz" -o -e "/lib/modules/$k/symvers.xz" ] || {
debug " \"/lib/modules/$k/symvers.[gx]z\"" \
"does not exist, skipping"
continue
}
for p in $(printf "%s" "$paths"); do
find_d "$DATA_DIR/$i" -path "$DATA_DIR/$i/$p" \
-printf "%P\n"
done | while read -r path; do
[ ! -e "$FW_DIR/$k/$path" ] || {
debug " $FW_DIR/$k/$path already" \
"exists, skipping"
continue
}
debug " Adding \"$FW_DIR/$k/$path\""
$cmd mkdir -p $verbose_opt \
"$(dirname "$FW_DIR/$k/$path")"
$cmd ln -fs $verbose_opt "$DATA_DIR/$i/$path" \
"$FW_DIR/$k/$path"
done
if [ -e "$FW_DIR/$k/readme-$i" ]; then
debug " $FW_DIR/$k/readme-$i already" \
"exists, skipping creation"
else
$cmd cp $verbose_opt "$DATA_DIR/$i/readme" \
"$FW_DIR/$k/readme-$i"
fi
;;
remove)
esac
done
done
# Removing possible dangling symlinks in kernel-specific directories
debug "Checking for dangling symlinks..."
for k in $(echo "$kernel"); do
debug " Processing kernel version \"$k\""
find_d "${FW_DIR}/${k}" \
-mindepth 1 -type l -printf '%p\n' \
| while read -r fname; do
[ -e "$fname" ] || {
debug " Removing danging symlink \"$fname\""
$cmd rm -f $verbose_opt "$fname"
}
done
done