dracut_99microcode_ctl-fw_dir_override_module_init.sh: add new default fw_dir

Since commit dracut-57~5[1], dracut uses a different set directories as default $fw_dir, which leads to not resetting it to a state where kernel-based FW directories (where the microcode for late load resides) are skipped and leads to having multiple microcode versions in the early cpio, which prevents the caveats mechanism from working properly. [1] https://github.com/dracutdevs/dracut/commit/95aeed8975dd * dracut_99microcode_ctl-fw_dir_override_module_init.sh: Check $fw_dir for the new default directory set as well in the condition for the $fw_dir reset check. * microcode_ctl.spec (Release): Bump to 2. (%changelog): Add a new record. Resolves: #2213125 Signed-off-by: Eugene Syromiatnikov <esyr@redhat.com>
2023-08-23 01:46:41 +02:00 · 2023-08-23 01:46:41 +02:00 · dc2b22a876
commit dc2b22a876
parent 42e998750c
2 changed files with 13 additions and 4 deletions
--- a/dracut_99microcode_ctl-fw_dir_override_module_init.sh
+++ b/dracut_99microcode_ctl-fw_dir_override_module_init.sh
@ -13,6 +13,7 @@ install() {
 	local DATA_DIR=/usr/share/microcode_ctl/ucode_with_caveats
 	local CFG_DIR="/etc/microcode_ctl/ucode_with_caveats"
 	local check_caveats=/usr/libexec/microcode_ctl/check_caveats
+	local fw_path_para=$(< /sys/module/firmware_class/parameters/path)

 	local verbose_opt
 	local cc_out
@ -36,9 +37,13 @@ install() {
 	}

 	# Reset fw_dir to avoid inclusion of kernel-version-specific directories
-	# populated with microcode for the late load
-	[ "x$fw_dir" != \
-	  "x/lib/firmware/updates /lib/firmware /lib/firmware/$kernel" ] || {
+	# populated with microcode for the late load, only in case it is set
+	# to the default value to avoid meddling with user-enforced changes.
+	# The second variant has been introduced in dracut-057~5.
+	[ \( "x$fw_dir" != \
+	     "x/lib/firmware/updates /lib/firmware /lib/firmware/$kernel" \) -a \
+	  \( "x$fw_dir" != \
+	     "x${fw_path_para:+$fw_path_para }/lib/firmware/updates/$kernel /lib/firmware/updates /lib/firmware/$kernel /lib/firmware" \) ] || {
 		fw_dir="/lib/firmware/updates /lib/firmware"
 		dinfo "    microcode_ctl: reset fw_dir to \"${fw_dir}\""
 	}
--- a/microcode_ctl.spec
+++ b/microcode_ctl.spec
@ -13,7 +13,7 @@
 Summary:        CPU microcode updates for Intel x86 processors
 Name:           microcode_ctl
 Version:        %{intel_ucode_version}
-Release:        1%{?dist}
+Release:        2%{?dist}
 Epoch:          4
 License:        CC0 and Redistributable, no modification permitted
 URL:            https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files
@ -569,6 +569,10 @@ rm -rf %{buildroot}


 %changelog
+* Tue Aug 22 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230808-2
+- Add support for the new, more correct, variant of dracut's default
+  $fw_dir path in dracut_99microcode_ctl-fw_dir_override_module_init.sh.
+
 * Thu Aug 10 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230808-1
 - Update Intel CPU microcode to microcode-20230808 release, addresses
  CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2213125, #2223993, #2230678,