import microcode_ctl-20220809-2.el8

This commit is contained in:
CentOS Sources 2023-03-28 09:25:31 +00:00 committed by Stepan Oksanichenko
parent 6cff062abd
commit 2932d7cc9c
6 changed files with 79 additions and 59 deletions

2
.gitignore vendored
View File

@ -4,4 +4,4 @@ SOURCES/06-55-04
SOURCES/06-5e-03
SOURCES/microcode-20190918.tar.gz
SOURCES/microcode-20191115.tar.gz
SOURCES/microcode-20220510.tar.gz
SOURCES/microcode-20220809.tar.gz

View File

@ -4,4 +4,4 @@ bcf2173cd3dd499c37defbc2533703cfa6ec2430 SOURCES/06-2d-07
86c60ee7d5d0d7115a4962c1c61ceecb0fd3a95a SOURCES/06-5e-03
bc20d6789e6614b9d9f88ee321ab82bed220f26f SOURCES/microcode-20190918.tar.gz
774636f4d440623b0ee6a2dad65260e81208074d SOURCES/microcode-20191115.tar.gz
0aeb386e2f4650e04bb748a75ecec10f4642e4a5 SOURCES/microcode-20220510.tar.gz
13f53eed16b393325f1cf571113f102afb7ac27b SOURCES/microcode-20220809.tar.gz

View File

@ -1,47 +0,0 @@
From 6ff5aa24a9460441cf2f1008792af134aeca0931 Mon Sep 17 00:00:00 2001
From: Eugene Syromiatnikov <esyr@redhat.com>
Date: Tue, 10 May 2022 20:48:31 +0200
Subject: [PATCH] releasenote.md: changes summary fixes for microcode-20220510
* releasenote.md (New Platforms): Change the second 06-bf-02/03 entry
to 06-bf-05/03.
(Updated Platforms): Change the case to lower in PF of 06-37-09/0f;
change "GKL-R" to "GLK-R" (stands for Gemini Lake Refresh).
Signed-off-by: Eugene Syromiatnikov <esyr@redhat.com>
---
releasenote.md | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/releasenote.md b/releasenote.md
index 7fac640..c4a1ba7 100644
--- a/releasenote.md
+++ b/releasenote.md
@@ -18,13 +18,13 @@
| ADL | L0 | 06-9a-03/80 | | 0000041c | Core Gen12
| ADL | L0 | 06-9a-04/80 | | 0000041c | Core Gen12
| ADL | C0 | 06-bf-02/03 | | 0000001f | Core Gen12
-| ADL | C0 | 06-bf-02/03 | | 0000001f | Core Gen12
+| ADL | C0 | 06-bf-05/03 | | 0000001f | Core Gen12
### Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
-| VLV | D0 | 06-37-09/0F | 0000090c | 0000090d | Atom E38xx
+| VLV | D0 | 06-37-09/0f | 0000090c | 0000090d | Atom E38xx
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000ec | 000000f0 | Core Gen6 Mobile
| SKX-SP | B1 | 06-55-03/97 | 0100015c | 0100015d | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006c0a | 02006d05 | Xeon Scalable
@@ -38,7 +38,7 @@
| DNV | B0 | 06-5f-01/01 | 00000036 | 00000038 | Atom C Series
| ICX-SP | D0 | 06-6a-06/87 | 0d000331 | 0d000363 | Xeon Scalable Gen3
| GLK | B0 | 06-7a-01/01 | 00000038 | 0000003a | Pentium Silver N/J5xxx, Celeron N/J4xxx
-| GKL-R | R0 | 06-7a-08/01 | 0000001c | 0000001e | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
+| GLK-R | R0 | 06-7a-08/01 | 0000001c | 0000001e | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 000000a8 | 000000b0 | Core Gen10 Mobile
| LKF | B2/B3 | 06-8a-01/10 | 0000002d | 00000031 | Core w/Hybrid Technology
| TGL | B1 | 06-8c-01/80 | 0000009a | 000000a4 | Core Gen11 Mobile
--
2.13.6

View File

@ -22,6 +22,7 @@ microcode revisions in question are listed below:
* 06-55-04, revision 0x2006b06: cb5bec976cb9754e3a22ab6828b3262a8f9eccf7
* 06-55-04, revision 0x2006c0a: 76b641375d136c08f5feb46aacebee40468ac085
* 06-55-04, revision 0x2006d05: dc4207cf4eb916ff34acbdddc474db0df781234f
* 06-55-04, revision 0x2006e05: bc67d247ad1c9a834bec5e452606db1381d6bc7e
Please contact your system vendor for a BIOS/firmware update that contains
the latest microcode version. For the information regarding microcode versions
@ -65,6 +66,8 @@ to the following knowledge base articles:
CVE-2022-21151 (Optimization Removal-Induced Informational Disclosure),
CVE-2022-21166 (Device Register Partial Write):
https://access.redhat.com/articles/6963124
* CVE-2022-21233 (Stale Data Read from legacy xAPIC):
https://access.redhat.com/articles/6976398
The information regarding disabling microcode update is provided below.

View File

@ -874,3 +874,5 @@ Intel CPU vulnerabilities is available in the following knowledge base articles:
CVE-2022-21151 (Optimization Removal-Induced Informational Disclosure),
CVE-2022-21166 (Device Register Partial Write):
https://access.redhat.com/articles/6963124
* CVE-2022-21233 (Stale Data Read from legacy xAPIC):
https://access.redhat.com/articles/6976398

View File

@ -1,4 +1,4 @@
%define intel_ucode_version 20220510
%define intel_ucode_version 20220809
%global debug_package %{nil}
%define caveat_dir %{_datarootdir}/microcode_ctl/ucode_with_caveats
@ -13,7 +13,7 @@
Summary: CPU microcode updates for Intel x86 processors
Name: microcode_ctl
Version: %{intel_ucode_version}
Release: 1%{?dist}
Release: 2%{?dist}
Epoch: 4
License: CC0 and Redistributable, no modification permitted
URL: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files
@ -122,9 +122,6 @@ Source1000: gen_provides.sh
Source1001: codenames.list
Source1002: gen_updates2.py
# microcode-20220510-1-g6ff5aa2 "releasenote.md: changes summary fixes for microcode-20220510"
Patch1001: 0001-releasenote.md-changes-summary-fixes-for-microcode-2.patch
ExclusiveArch: %{ix86} x86_64
BuildRequires: systemd-units
# hexdump is used in gen_provides.sh
@ -151,8 +148,6 @@ is no longer used for microcode upload and, as a result, no longer provided.
%prep
%setup -n "Intel-Linux-Processor-Microcode-Data-Files-microcode-%{intel_ucode_version}"
%patch1001 -p1
%build
# replacing SNB-EP (CPUID 0x206d7) microcode with pre-MDS version
mv intel-ucode/06-2d-07 intel-ucode-with-caveats/
@ -327,7 +322,7 @@ install -m 644 "%{SOURCE182}" "%{tgl_inst_dir}/disclaimer"
# send the message to syslog, so it gets recorded on /var/log
if [ -e /usr/bin/logger ]; then
%{check_caveats} -m -d | /usr/bin/logger -p syslog.notice -t DISCLAIMER
%{check_caveats} -m -d | /usr/bin/logger -p syslog.warning -t DISCLAIMER
fi
# also paste it over dmesg (some customers drop dmesg messages while
# others keep them into /var/log for the later case, we'll have the
@ -438,7 +433,7 @@ rpm -qa --qf "${qf}" ${pkgs} | sort -r -n -k'3,3' | {
done
if [ -n "${skipped}" ]; then
skip_msg="After installation of a new version of microcode_ctl package,
skip_msg="<4>After installation of a new version of microcode_ctl package,
initramfs hasn't been re-generated for all the installed kernel packages.
The following kernel packages have been skipped:${skipped}.
Please re-generate initramfs manually for these kernel packages with the
@ -447,7 +442,7 @@ Intel CPU microcode included into early initramfs image for it, if needed."
if [ -e /usr/bin/logger ]; then
echo "${skip_msg}" |
/usr/bin/logger -p syslog.notice -t microcode_ctl
/usr/bin/logger -p syslog.warning -t microcode_ctl
fi
if [ -e /dev/kmsg ]; then
@ -549,6 +544,73 @@ rm -rf %{buildroot}
%changelog
* Tue Oct 25 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-2
- Change the logger severity level to warning to align with the kmsg one
(#2136224).
* Tue Aug 09 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-1
- Update Intel CPU microcode to microcode-20220510 release, addresses
CVE-2022-21233 (#2115667):
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006d05 up
to 0x2006e05;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x100015d
up to 0x100015e;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000363
up to 0xd000375;
- Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x3a up
to 0x3c;
- Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x1e up
to 0x20;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xb0
up to 0xb2;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x26 up
to 0x28;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x3e up
to 0x40;
- Update of 06-97-02/0x03 (ADL-HX/S 8+8 C0) microcode from revision
0x1f up to 0x22;
- Update of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x1f up to 0x22;
- Update of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x1f up to 0x22;
- Update of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x1f up to 0x22;
- Update of 06-97-02/0x03 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x1f up to 0x22;
- Update of 06-97-05/0x03 (ADL-S 6+0 K0) microcode from revision 0x1f
up to 0x22;
- Update of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x1f up to 0x22;
- Update of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x1f up to 0x22;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x41c up to 0x421;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x41c up to 0x421;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x41c up to 0x421;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x41c
up to 0x421;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x53 up
to 0x54;
- Update of 06-97-02/0x03 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x1f up to 0x22;
- Update of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x1f up to 0x22;
- Update of 06-bf-02/0x03 (ADL C0) microcode from revision 0x1f up
to 0x22;
- Update of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x1f up to 0x22;
- Update of 06-97-02/0x03 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x1f up to 0x22;
- Update of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x1f up to 0x22;
- Update of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x1f up to 0x22;
- Update of 06-bf-05/0x03 (ADL C0) microcode from revision 0x1f up
to 0x22.
* Tue May 10 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220510-1
- Update Intel CPU microcode to microcode-20220510 release, addresses
CVE-2022-0005, CVE-2022-21131, CVE-2022-21136, CVE-2022-21151 (#2086743):