summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Deutschmann <whissi@gentoo.org>2018-01-04 17:24:38 +0100
committerThomas Deutschmann <whissi@gentoo.org>2018-01-04 17:24:55 +0100
commite6ea9dcb23142a268cef722793a408071677d6b1 (patch)
tree3c2d353e40b51102c6a0ff64fdb3a91a0afc938f /sys-firmware/intel-microcode/intel-microcode-20171117_p20171215.ebuild
parentsys-block/tw_cli: special version for >=3.8 kernel (diff)
downloadgentoo-e6ea9dcb23142a268cef722793a408071677d6b1.tar.gz
gentoo-e6ea9dcb23142a268cef722793a408071677d6b1.tar.bz2
gentoo-e6ea9dcb23142a268cef722793a408071677d6b1.zip
sys-firmware/intel-microcode: Rev bump for CVE-2017-5715 mitigation
The CPU microcode for Intel Haswell-X, Skylake-X and Broadwell-X chipsets was updated to report both branch prediction control via CPUID flag and ability to control branch prediction via an MSR register. Required for kernel mitigation against CVE-2017-5715. Bug: https://bugs.gentoo.org/643430 Package-Manager: Portage-2.3.19, Repoman-2.3.6
Diffstat (limited to 'sys-firmware/intel-microcode/intel-microcode-20171117_p20171215.ebuild')
-rw-r--r--sys-firmware/intel-microcode/intel-microcode-20171117_p20171215.ebuild39
1 files changed, 39 insertions, 0 deletions
diff --git a/sys-firmware/intel-microcode/intel-microcode-20171117_p20171215.ebuild b/sys-firmware/intel-microcode/intel-microcode-20171117_p20171215.ebuild
new file mode 100644
index 000000000000..aa9186b43f8a
--- /dev/null
+++ b/sys-firmware/intel-microcode/intel-microcode-20171117_p20171215.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit toolchain-funcs
+
+# Find updates by searching and clicking the first link (hopefully it's the one):
+# http://www.intel.com/content/www/us/en/search.html?keyword=Processor+Microcode+Data+File
+
+NUM="27337"
+DESCRIPTION="Intel IA32/IA64 microcode update data"
+HOMEPAGE="http://inertiawar.com/microcode/ https://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=${NUM}"
+#SRC_URI="http://downloadmirror.intel.com/${NUM}/eng/microcode-${PV}.tgz"
+SRC_URI="mirror://gentoo/microcode-${PV}.tgz
+ https://dev.gentoo.org/~whissi/dist/${PN}/microcode-${PV}.tgz"
+
+LICENSE="intel-ucode"
+SLOT="0"
+KEYWORDS="-* ~amd64 ~x86"
+IUSE="initramfs +split-ucode"
+REQUIRED_USE="|| ( initramfs split-ucode )"
+
+DEPEND="initramfs? ( sys-apps/iucode_tool )"
+RDEPEND="!<sys-apps/microcode-ctl-1.17-r2" #268586
+
+S=${WORKDIR}
+
+src_compile() {
+ if use initramfs ; then
+ iucode_tool --write-earlyfw=microcode.cpio intel-ucode/ || die
+ fi
+}
+
+src_install() {
+ insinto /lib/firmware
+ use initramfs && doins microcode.cpio
+ use split-ucode && doins -r intel-ucode
+}