On 20/12/2013, ron minnich <[email protected]> wrote: > At this point it's harder and harder to escape the Blob. It eats you > alive! http://www.youtube.com/watch?v=TdUsyXQ8Wrs
In a similar vein :) https://web.archive.org/web/20130422085916/http://www.openbsd.org/lyrics.html#39 On 02/01/2014, mrnuke <[email protected]> wrote: > On Thursday, January 02, 2014 11:28:14 PM Sam Kuper wrote: >> On the C7/C710 and Pavilion 14 as shipped, where are those microcode >> updates stored? >> > This [1] should help you extract a stock coreboot.rom that you can cbfstool > > with. The rest is left as an exercise to the reader. > (Short answer: cpu_microcode_blob.bin in CBFS) Thank you, but unfortunately, I don't own a Samsung Series 5 550 or a Series 3 Chromebox, nor any other CrOS device from which to extract a stock coreboot.rom. >> > And >> > how exactly is a CPU different if the microcode update is patched in >> > the >> > factory rather than uploaded at boot? >> >> First of all, if some microcode is in the CPU from the factory rather >> [yada, yada, yada] > > I don't care for any Stallmanian lecturing on how microcode updates work. > [...] With the risk of sounding arrogant, that > gives > me the credit to avoid your uninformed lecturing. With respect, I wasn't trying to lecture anyone; I was giving a straight answer to your question. I freely admit I'm not terribly well-informed on the subject. That's why I'm reading to learn as much as I can and asking questions here to fill in the gaps. > You have the option in > coreboot to not include them. Period. That was my understanding, but thanks for confirming it. > What I gather from your description is that you want is the CPU that works > best without microcode updates. I'm after a couple of things: - Server: x86, not necessarily Intel, with Core Solo performance or better, that supports 16GB+ of RAM with double bit error correction (e.g. Chipkill). - Laptop/netbook: not necessarily x86, with Core Solo performance or better, that supports 2GB+ of RAM. And the kicker is that I'd like both to be fully open! Since no such systems appear to exist, I'm trying in each case to pick the least worst option.[1] That *doesn't necessarily* mean running without microcode updates, so even though you may not agree with them, the reasons I gave for distinguishing between baked-in microcode and patched-in microcode were earnest ones. It does mean that I've read the "supported motherboards" page (for the server) and the X60 and Chromebook-related pages - plus several other pages - on the Coreboot wiki. > Ask around That's what I'm doing :) > or test yourself. I intend to, but first I'm trying to identify the best candidate(s), because my budget is small. If the C7/C710/HP14 didn't have CPU errata & corresponding microcode updates, then I'd be tempted to get one for testing. If not, then probably the X60 is a better option for me. Hence my questions here :) > I don't think > many people have tested without microcode updates. Some Trisquel folks are running without microcode updates.[2] I don't know if anyone except Intel and the sort of security folks mentioned in Kris Kaspersky's presentation[3] are *testing* anything in relation to that, though. Anyhow, since I've managed inadvertently to generate a couple of slightly tetchy replies here since I started this thread (i.e. yours and the earlier one from Gregg Levine), maybe that's a hint that I'm asking too many questions or something, and that I should take my leave for now? Thanks again for the help you've given, Sam [1] I don't have a fixed understanding of what I mean by "least worst option". Each time I learn something relevant, I try to update my understanding accordingly. [2] http://trisquel.info/en/forum/intel-processor-microcode-security-update-trisquel [3] http://www.cs.dartmouth.edu/~sergey/cs258/2010/D2T1%20-%20Kris%20Kaspersky%20-%20Remote%20Code%20Execution%20Through%20Intel%20CPU%20Bugs.pdf -- coreboot mailing list: [email protected] http://www.coreboot.org/mailman/listinfo/coreboot
