commit: e6ea9dcb23142a268cef722793a408071677d6b1 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> AuthorDate: Thu Jan 4 16:24:38 2018 +0000 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> CommitDate: Thu Jan 4 16:24:55 2018 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e6ea9dcb
sys-firmware/intel-microcode: Rev bump for CVE-2017-5715 mitigation The CPU microcode for Intel Haswell-X, Skylake-X and Broadwell-X chipsets was updated to report both branch prediction control via CPUID flag and ability to control branch prediction via an MSR register. Required for kernel mitigation against CVE-2017-5715. Bug: https://bugs.gentoo.org/643430 Package-Manager: Portage-2.3.19, Repoman-2.3.6 sys-firmware/intel-microcode/Manifest | 1 + .../intel-microcode-20171117_p20171215.ebuild | 39 ++++++++++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/sys-firmware/intel-microcode/Manifest b/sys-firmware/intel-microcode/Manifest index e37c29bbc77..22f1ac958e3 100644 --- a/sys-firmware/intel-microcode/Manifest +++ b/sys-firmware/intel-microcode/Manifest @@ -9,3 +9,4 @@ DIST microcode-20161104.tgz 1290125 BLAKE2B 9274bebe3f9104f0afc6378ae40810b2a634 DIST microcode-20170511.tgz 2143617 BLAKE2B a2185b44cfca9832d2a80f12a189c49365ed323692b8fd94e99a0f4e8d3f0102a21cfce806ad9e53f172c3ae038f4ffafbafc8421bea6668bfbfdd1262bbd8e9 SHA512 4e2066096d56430c2df73631f15cf16f2317c1d8ff745d7b7cdd784ebccc2b797565eb52703cce9b4238774dbfdcaecacd892d729b7869fdfd7644008ce74a60 DIST microcode-20170707.tgz 2908882 BLAKE2B 545d94ee9292d1ba730932f11660d0e0378b4a6f2a5232cdcc26333a8d707ec13b040d41617fb28c17e4b81f1df5bc4180f1979925d2fa5198f2edfb3623967c SHA512 2f0643c332318e9c818b9a23a996b59086e86e80e649589e43dbab19f13083d6d9505b8557f67b45ce56de0da043c753a14bb146e597b6669f24fe543656c65f DIST microcode-20171117.tgz 3594762 BLAKE2B 7a02c28ec6b9b22a367f8fd7d59f244d0195fef3b256fa2542bca734026e869fdefc7b368a230e94ac0554473d18d1b80aa00511ad4ab6580279f512a106c17d SHA512 b1f09dd7bb04c00e456e34bf42bf786c780aba6d2ef3231a45769216a093876e9bb15123c82ddb7d8ef5426fe10b946509f363770af3b4eba16ba76043a064b4 +DIST microcode-20171117_p20171215.tgz 1468587 BLAKE2B 58777a39f843ae880f7dd8971a9570dbfc176d69541bb9d3cdc948d7be71a7df2559265fb1c8a199bc7567bb5a60176ade1d2c36624d0193dbac98d82401d0dd SHA512 25db94dbf18b1fea9497ec1e61bb5349d7bc78b0578d8869546bc3ec579b96bee7cd62657e66ebd3d4616805e85d790ac7ee7c0fed70b5db30236ffd12b33293 diff --git a/sys-firmware/intel-microcode/intel-microcode-20171117_p20171215.ebuild b/sys-firmware/intel-microcode/intel-microcode-20171117_p20171215.ebuild new file mode 100644 index 00000000000..aa9186b43f8 --- /dev/null +++ b/sys-firmware/intel-microcode/intel-microcode-20171117_p20171215.ebuild @@ -0,0 +1,39 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit toolchain-funcs + +# Find updates by searching and clicking the first link (hopefully it's the one): +# http://www.intel.com/content/www/us/en/search.html?keyword=Processor+Microcode+Data+File + +NUM="27337" +DESCRIPTION="Intel IA32/IA64 microcode update data" +HOMEPAGE="http://inertiawar.com/microcode/ https://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=${NUM}"; +#SRC_URI="http://downloadmirror.intel.com/${NUM}/eng/microcode-${PV}.tgz"; +SRC_URI="mirror://gentoo/microcode-${PV}.tgz + https://dev.gentoo.org/~whissi/dist/${PN}/microcode-${PV}.tgz"; + +LICENSE="intel-ucode" +SLOT="0" +KEYWORDS="-* ~amd64 ~x86" +IUSE="initramfs +split-ucode" +REQUIRED_USE="|| ( initramfs split-ucode )" + +DEPEND="initramfs? ( sys-apps/iucode_tool )" +RDEPEND="!<sys-apps/microcode-ctl-1.17-r2" #268586 + +S=${WORKDIR} + +src_compile() { + if use initramfs ; then + iucode_tool --write-earlyfw=microcode.cpio intel-ucode/ || die + fi +} + +src_install() { + insinto /lib/firmware + use initramfs && doins microcode.cpio + use split-ucode && doins -r intel-ucode +}
