[Hamara-devel] support for intel-microcode package ?

shirish shirish at hamaralinux.org
Mon Nov 16 14:57:59 GMT 2015 

Hi all,

Should we support intel-microcode package.

See tracker.debian.org/intel-microcode . It is a way to update Processor 
microcode firmware for Intel CPUs

 From today's changelog -

intel-microcode (3.20151106.1) unstable; urgency=medium

   * New upstream microcode data file 20151106
     + New Microcodes:
       sig 0x000306f4, pf mask 0x80, 2015-07-17, rev 0x0009, size 14336
       sig 0x00040671, pf mask 0x22, 2015-08-03, rev 0x0013, size 11264
     + Updated Microcodes:
       sig 0x000306c3, pf mask 0x32, 2015-08-13, rev 0x001e, size 21504
       sig 0x000306d4, pf mask 0xc0, 2015-09-11, rev 0x0022, size 16384
       sig 0x000306f2, pf mask 0x6f, 2015-08-10, rev 0x0036, size 30720
       sig 0x00040651, pf mask 0x72, 2015-08-13, rev 0x001d, size 20480
     * This massive Haswell + Broadwell (and related Xeons) update fixes
       several critical errata, including the high-hitting BDD86/BDM101/
       HSM153(?) which triggers an MCE and locks the processor core
       (LP: #1509764)
     * Might fix critical errata BDD51, BDM53 (TSX-related)
   * source: remove superseded upstream data file: 20150121
   * Add support for supplementary microcode bundles:
     + README.source: update and mention supplementary microcode
     + Makefile: support supplementary microcode
       Add support for supplementary microcode bundles, which (unlike .fw
       microcode override files) can be superseded by a higher revision
       microcode from the latest regular microcode bundle.  Also, fix the
       "oldies" target to have its own exclude filter (IUC_OLDIES_EXCLUDE)
     * Add support for x32 arch:
     + README.source: mention x32
     + control,rules: enable building on x32 arch (Closes: #777356)
   * ucode-blacklist: add Broadwell and Haswell-E signatures
     Add a missing signature for Haswell Refresh (Haswell-E) to the "must
     be updated only by the early microcode update driver" list.  There
     is at least one report of one of the Broadwell microcode updates
     disabling TSX-NI, so add them as well just in case

-- Henrique de Moraes Holschuh <hmh at debian.org>  Mon, 09 Nov 2015 
23:07:32 -0200

The controversial part is because the firmware packages are just 
blackboxes you actually do not know what you are installing, is it just 
correcting processor behaviour or also installing a back-door for the NSA.

-- 
Regards,
Shirish Agarwal,
Community Lead,
Hamaralinux.org

More information about the Hamara-devel mailing list