From 901c3c84e88c55cac3e851a9daa75650fb2c012e Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 15 2023 19:14:12 +0000 Subject: import microcode_ctl-2.1-73.20.el7_9 --- diff --git a/.gitignore b/.gitignore index c5da238..a1dfd8c 100644 --- a/.gitignore +++ b/.gitignore @@ -2,5 +2,5 @@ SOURCES/06-2d-07 SOURCES/06-4e-03 SOURCES/06-55-04 SOURCES/06-5e-03 -SOURCES/microcode-20230808.tar.gz +SOURCES/microcode-20231009.tar.gz SOURCES/microcode_ctl-2.1-18.tar.xz diff --git a/.microcode_ctl.metadata b/.microcode_ctl.metadata index 44f1e8a..019ad34 100644 --- a/.microcode_ctl.metadata +++ b/.microcode_ctl.metadata @@ -2,5 +2,5 @@ bcf2173cd3dd499c37defbc2533703cfa6ec2430 SOURCES/06-2d-07 06432a25053c823b0e2a6b8e84e2e2023ee3d43e SOURCES/06-4e-03 2e405644a145de0f55517b6a9de118eec8ec1e5a SOURCES/06-55-04 86c60ee7d5d0d7115a4962c1c61ceecb0fd3a95a SOURCES/06-5e-03 -ab44d7e09a0fc141608725b2550e784aae4c9da8 SOURCES/microcode-20230808.tar.gz +bdbc8d6488cf197476253cb9bc50532cc76d91a1 SOURCES/microcode-20231009.tar.gz 3959afc5d69a916a730131ce0f768db263e9e4f1 SOURCES/microcode_ctl-2.1-18.tar.xz diff --git a/SOURCES/0011-releasenote.md-add-stub-release-notes-for-microcode-.patch b/SOURCES/0011-releasenote.md-add-stub-release-notes-for-microcode-.patch new file mode 100644 index 0000000..fdfa060 --- /dev/null +++ b/SOURCES/0011-releasenote.md-add-stub-release-notes-for-microcode-.patch @@ -0,0 +1,62 @@ +From f8d6bf8bd8f9ca011c9e0703ece03b2a128b263a Mon Sep 17 00:00:00 2001 +From: Eugene Syromiatnikov +Date: Mon, 6 Nov 2023 12:59:23 +0100 +Subject: [PATCH] releasenote.md: add stub release notes for microcode-20231009 + +Signed-off-by: Eugene Syromiatnikov +--- + releasenote.md | 40 ++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 40 insertions(+) + +diff --git a/releasenote.md b/releasenote.md +index 429105c..050cfb4 100644 +--- a/releasenote.md ++++ b/releasenote.md +@@ -1,4 +1,44 @@ + # Release Notes ++## microcode-20231009 ++ ++### Purpose ++ ++- Security updates for [INTEL-SA-00950](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html) ++ ++- Update for functional issues. ++ ++### New Platforms ++ ++### Updated Platforms ++ ++| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products ++|:---------------|:---------|:------------|:---------|:---------|:--------- ++| ADL | C0 | 06-97-02/07 | 0000002e | 00000032 | Core Gen12 ++| ADL | C0 | 06-97-05/07 | 0000002e | 00000032 | Core Gen12 ++| ADL | C0 | 06-bf-02/07 | 0000002e | 00000032 | Core Gen12 ++| ADL | C0 | 06-bf-05/07 | 0000002e | 00000032 | Core Gen12 ++| ADL | L0 | 06-9a-03/80 | 0000042c | 00000430 | Core Gen12 ++| ADL | L0 | 06-9a-04/80 | 0000042c | 00000430 | Core Gen12 ++| ADL-N | A0 | 06-be-00/11 | 00000011 | 00000012 | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E ++| AZB | A0 | 06-9a-04/40 | 00000004 | 00000005 | Intel(R) Atom(R) C1100 ++| ICL-D | B0 | 06-6c-01/10 | 01000230 | 01000268 | Xeon D-17xx, D-27xx ++| ICL-U/Y | D1 | 06-7e-05/80 | 000000bc | 000000c2 | Core Gen10 Mobile ++| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003a5 | 0d0003b9 | Xeon Scalable Gen3 ++| RKL-S | B0 | 06-a7-01/02 | 00000059 | 0000005d | Core Gen11 ++| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004119 | 0000411c | Core Gen13 ++| RPL-S | B0 | 06-b7-01/32 | 00000119 | 0000011d | Core Gen13 ++| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004119 | 0000411c | Core Gen13 ++| SPR-HBM | B1 | 06-8f-05/10 | 2c000271 | 2c000290 | Xeon Max ++| SPR-HBM | B3 | 06-8f-08/10 | 2c000271 | 2c000290 | Xeon Max ++| SPR-SP | E2 | 06-8f-05/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4 ++| SPR-SP | E3 | 06-8f-06/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4 ++| SPR-SP | E4/S2 | 06-8f-07/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4 ++| SPR-SP | E5/S3 | 06-8f-08/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4 ++| TGL | B0/B1 | 06-8c-01/80 | 000000ac | 000000b4 | Core Gen11 Mobile ++| TGL-H | R0 | 06-8d-01/c2 | 00000046 | 0000004e | Core Gen11 Mobile ++| TGL-R | C0 | 06-8c-02/c2 | 0000002c | 00000034 | Core Gen11 Mobile ++ ++ + ## [microcode-20230808](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20230808) + + ### Purpose +-- +2.13.6 + diff --git a/SOURCES/06-8c-01_readme b/SOURCES/06-8c-01_readme index a5f8e4a..418bb0e 100644 --- a/SOURCES/06-8c-01_readme +++ b/SOURCES/06-8c-01_readme @@ -16,6 +16,7 @@ microcode revisions in question are listed below: * 06-8c-01, revision 0xa6: fdcf89e3a15a20df8aeee215b78bf5d13d731044 * 06-8c-01, revision 0xaa: cf84883f6b3184690c25ccade0b10fa839ac8657 * 06-8c-01, revision 0xac: b9f342e564a0be372ed1f4709263bf811feb022a + * 06-8c-01, revision 0xb4: 6596bb8696cde85538bb833d090f0b7a42d6ae14 Please contact your system vendor for a BIOS/firmware update that contains the latest microcode version. For the information regarding microcode versions diff --git a/SOURCES/microcode_ctl-use-microcode-20230808-tgz.patch b/SOURCES/microcode_ctl-use-microcode-20230808-tgz.patch deleted file mode 100644 index 2b28d4a..0000000 --- a/SOURCES/microcode_ctl-use-microcode-20230808-tgz.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: microcode_ctl-2.1-18/Makefile -=================================================================== ---- microcode_ctl-2.1-18.orig/Makefile 2018-07-24 09:15:12.463115045 +0200 -+++ microcode_ctl-2.1-18/Makefile 2018-08-09 06:18:45.524503945 +0200 -@@ -8,7 +8,7 @@ - # 2 of the License, or (at your option) any later version. - - PROGRAM = intel-microcode2ucode --MICROCODE_INTEL = microcode-20180703.tgz -+MICROCODE_INTEL = microcode-20230808.tar.gz - - INS = install - CC = gcc diff --git a/SOURCES/microcode_ctl-use-microcode-20231009-tgz.patch b/SOURCES/microcode_ctl-use-microcode-20231009-tgz.patch new file mode 100644 index 0000000..169122b --- /dev/null +++ b/SOURCES/microcode_ctl-use-microcode-20231009-tgz.patch @@ -0,0 +1,13 @@ +Index: microcode_ctl-2.1-18/Makefile +=================================================================== +--- microcode_ctl-2.1-18.orig/Makefile 2018-07-24 09:15:12.463115045 +0200 ++++ microcode_ctl-2.1-18/Makefile 2018-08-09 06:18:45.524503945 +0200 +@@ -8,7 +8,7 @@ + # 2 of the License, or (at your option) any later version. + + PROGRAM = intel-microcode2ucode +-MICROCODE_INTEL = microcode-20180703.tgz ++MICROCODE_INTEL = microcode-20231009.tar.gz + + INS = install + CC = gcc diff --git a/SPECS/microcode_ctl.spec b/SPECS/microcode_ctl.spec index 5642cb6..069669a 100644 --- a/SPECS/microcode_ctl.spec +++ b/SPECS/microcode_ctl.spec @@ -1,5 +1,5 @@ %define upstream_version 2.1-18 -%define intel_ucode_version 20230808 +%define intel_ucode_version 20231009 %define caveat_dir %{_datarootdir}/microcode_ctl/ucode_with_caveats %define microcode_ctl_libexec %{_libexecdir}/microcode_ctl @@ -21,13 +21,14 @@ Summary: Tool to transform and deploy CPU microcode update for x86. Name: microcode_ctl Version: 2.1 -Release: 73.19%{?dist} +Release: 73.20%{?dist} Epoch: 2 Group: System Environment/Base License: GPLv2+ and Redistributable, no modification permitted URL: https://pagure.io/microcode_ctl Source0: https://releases.pagure.org/microcode_ctl/%{name}-%{upstream_version}.tar.xz -Source1: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/archive/microcode-%{intel_ucode_version}.tar.gz +#Source1: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/archive/microcode-%{intel_ucode_version}.tar.gz +Source1: microcode-%{intel_ucode_version}.tar.gz # (Pre-MDS) revision 0x714 of 06-2d-07 microcode Source2: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/raw/microcode-20190514/intel-ucode/06-2d-07 @@ -126,6 +127,7 @@ Patch1007: 0007-releasenote.md-add-missing-06-ba-03-e0-to-the-new-mi.patch Patch1008: 0008-releasenote.md-remove-the-duplicating-06-9e-0c-22-re.patch Patch1009: 0009-releasenote.md-fix-old-revisions-for-06-8e-09-10-and.patch Patch1010: 0010-releasenote.md-add-old-revisions-for-06-be-00-11-06-.patch +Patch1011: 0011-releasenote.md-add-stub-release-notes-for-microcode-.patch Buildroot: %{_tmppath}/%{name}-%{version}-root @@ -184,6 +186,7 @@ cp "%{SOURCE1}" . %patch1008 -p1 %patch1009 -p1 %patch1010 -p1 +%patch1011 -p1 %build make CFLAGS="$RPM_OPT_FLAGS" %{?_smp_mflags} @@ -578,6 +581,160 @@ rm -rf %{buildroot} %changelog +* Wed Nov 01 2023 Eugene Syromiatnikov - 2:2.1-73.20 +- Update Intel CPU microcode to microcode-20231009 release, addresses + CVE-2023-23583 (RHEL-3920): + - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in + intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xac up to 0xb4; + - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 + up to 0xd0003b9; + - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 + up to 0x1000268; + - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc + up to 0xc2; + - Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x2c up + to 0x34; + - Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x46 up + to 0x4e; + - Update of 06-8f-04/0x10 microcode from revision 0x2c000271 up to + 0x2c000290; + - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode from revision + 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in + intel-ucode/06-8f-04) from revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in + intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) from + revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in + intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in + intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in + intel-ucode/06-8f-04) from revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in + intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from + revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in + intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision + 0x2c000271 up to 0x2c000290; + - Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0004b1 + up to 0x2b0004d0; + - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from + revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in + intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in + intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in + intel-ucode/06-8f-05) from revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in + intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from + revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in + intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in + intel-ucode/06-8f-06) from revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in + intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-06/0x10 microcode from revision 0x2c000271 up to + 0x2c000290; + - Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0004b1 + up to 0x2b0004d0; + - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in + intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in + intel-ucode/06-8f-06) from revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in + intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in + intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in + intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in + intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision + 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in + intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from + revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in + intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in + intel-ucode/06-8f-08) from revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in + intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from + revision 0x2c000271 up to 0x2c000290; + - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in + intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in + intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision + 0x2c000271 up to 0x2c000290; + - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision + 0x2b0004b1 up to 0x2b0004d0; + - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision + 0x2e up to 0x32; + - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in + intel-ucode/06-97-02) from revision 0x2e up to 0x32; + - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) + from revision 0x2e up to 0x32; + - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) + from revision 0x2e up to 0x32; + - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in + intel-ucode/06-97-05) from revision 0x2e up to 0x32; + - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x2e + up to 0x32; + - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) + from revision 0x2e up to 0x32; + - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) + from revision 0x2e up to 0x32; + - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision + 0x42c up to 0x430; + - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in + intel-ucode/06-9a-03) from revision 0x42c up to 0x430; + - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in + intel-ucode/06-9a-04) from revision 0x42c up to 0x430; + - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x42c + up to 0x430; + - Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x4 up + to 0x5; + - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x59 up + to 0x5d; + - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x119 up + to 0x11d; + - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision + 0x4119 up to 0x411c; + - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in + intel-ucode/06-ba-02) from revision 0x4119 up to 0x411c; + - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in + intel-ucode/06-ba-03) from revision 0x4119 up to 0x411c; + - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4119 + up to 0x411c; + - Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x11 up + to 0x12; + - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in + intel-ucode/06-bf-02) from revision 0x2e up to 0x32; + - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in + intel-ucode/06-bf-02) from revision 0x2e up to 0x32; + - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x2e up + to 0x32; + - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) + from revision 0x2e up to 0x32; + - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in + intel-ucode/06-bf-05) from revision 0x2e up to 0x32; + - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in + intel-ucode/06-bf-05) from revision 0x2e up to 0x32; + - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) + from revision 0x2e up to 0x32; + - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x2e up + to 0x32. + * Thu Aug 10 2023 Eugene Syromiatnikov - 2:2.1-73.19 - Update Intel CPU microcode to microcode-20230808 release, addresses CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2223994):